To achieve the highest level of protection in the company, the Security team builds and fine-tunes security systems, processes, and training programs to ensure that passive cybersecurity is the first line of defense. 

Each day, this team fights against cyber criminals using a range of globally trusted cybersecurity products, including but not limited to EDR/XDR, MDM, HIDS, NIDS, DLP or SOAR solutions, collecting threat intelligence information and absorbing it in our systems in order to strengthen our company’s security posture and prevent cybersecurity incidents.

As a Penetration Tester, you will be an integral part of our Security Red team, responsible for assessing and enhancing the security stance of our systems and products. Your expertise will play a crucial role in identifying vulnerabilities and recommending countermeasures to protect against potential attacks.

If you want to:

  • Conduct comprehensive penetration testing and security assessments against different targets, including: web applications, cloud platforms (most known IaaS or PaaS), internal and external networks, most common operating systems, in order to find and exploit vulnerabilities;
  • Perform manual code audits as part of web application penetration testing;
  • Evaluate how well applications and security controls can withstand different types of attacks (black, gray, and white box) using both manual and automated penetration techniques;
  • Develop scripts, tools, or methodologies to enhance penetration testing processes;
  • Adjust penetration testing methodology according to the solution and environment architecture and threat model;
  • Create comprehensive penetration test reports detailing methodology, findings, and recommendations;
  • Review and provide feedback for information security fixes, collaborating with the technical team to share findings and best practices.

  • And you can check off:

  • Hands-on experience in penetration testing or red teaming, including 5 years of overall work experience in the IT field;
  • In-depth understanding of network protocols, including ARP, DNS, and TCP/IP;
  • Proficiency in using code or scripting languages, including Bash, Python, and PowerShell;
  • Strong knowledge and control of exploits, OWASP or OSSTM methodologies, and web vulnerabilities;
  • Expertise in using Kali and tools like Burp, Nessus, Nmap, Metasploit, ZAP, Acunetix and other security tools;
  • Analytical thinking, with a desire to learn, teach, and share with others.

  • Bonus points if you:

  • Are already certified on (or planning to achieve): OSCP, OSCE, OSWE, GPEN, LPT Master;
  • Have a background in software development or system administration.
  • Here's the deal:

  • Growth and learning opportunities: time dedicated to learning, conferences, online learning platforms, and books for your professional development;
  • Health and wellness: we want you to feel and be your best. That's why we offer various benefits, from online workouts, a physical coach and a gym to regular mental health checks;
  • Tools of your choice: choose technical equipment and the tools you need to do your best;
  • Community and celebrations: get ready for long-lasting traditions such as yearly workation, Friday get-togethers, various team buildings and company celebrations;
  • Convenient commuting: traveling from point A to point B can be a pain. That’s why, depending on your unique circumstances, we compensate part of your public transport costs;
  • Work-life balance: as a general rule, we work based on a 3+2 hybrid model. And let’s not forget the WFA policy – an opportunity to work from anywhere in the world;
  • Premium Surfshark accounts: for you, your family, and friends;
  • Gross salary: 3150-5960 Eur/month for the Lithuanian market. It may vary depending on your skills, experience, or location. 
  • Share:

    Apply for this Job

    Tell us about yourself

    Your CV

    Upload .pdf, .doc, .docx, .png, or .jpg file*

    Got anything else to add? We’d love to chat with you!

    By ticking this box, you agree with Surfshark B.V. contacting you with future job opportunities for up to 3 years. Your personal data will be processed as described in this Privacy Notice. You can always withdraw your consent.

    Fields marked with an asterisk (*) are required.

    How we hire

    Here at Surfshark, we don’t believe in the “one size fits all” process. We tailor it to ensure the best experience for our candidates and to match them with the right job position.
    We start with a simple “hello” - whether that’s online or in-person - to see if our expectations match.
    If we agree to move forward, we find the best way for you to showcase your skills and expertise.
    We want our teams to have chemistry, so we provide an opportunity to meet potential teammates or other colleagues for a chat.
    An offer, more discussions - this is up to you. We want you to feel confident with your decision and make the right choice.
    A waving hand with the word hey near it.

    Looking for something different?

    Take a look at what else is open.

    All Job Openings