Penetration Tester/Ethical Hacker
hace 1 semana
Penetration Tester/Ethical Hacker (Senior and mid Level) Formato hibrido "Oficina/remoto" Wizlynx Group, with the founding core of our company headquartered in Switzerland since 1992, is an ethical, trustworthy, and vendor-agnostic global Cyber Security provider. Our vision is to be a best-in-class global Cyber Security company, enabling customers to focus on their core business by providing high-quality, value-added, and innovative Cyber Security services. This position is offered under a hybrid work model, requiring a maximum of 4 on‑site days per month at our offices located in the south of Mexico City (CDMX). The selected candidate will be exclusively assigned to one of our strategic clients, focusing 100% on supporting and securing their environment. We are looking for a Mid–Senior Web Application Pentester with strong hands‑on experience in web and API security testing. This role is 100% focused on web applications, with limited exposure to mobile testing. The ideal candidate has a strong offensive mindset, understands real‑world attack scenarios, and is capable of identifying not only technical vulnerabilities but also business logic flaws, especially in e-commerce and transactional platforms. Roles and Responsibilities Perform manual-focused penetration tests on web applications, prioritizing real exploitation over automated scanning. Conduct security assessments on REST and GraphQL APIs, including authentication, authorization, access control and data exposure testing. Analyze and exploit authentication and authorization mechanisms, including: OAuth 2.0 / OpenID Connect (authorization flows, scopes, token handling and misconfigurations) JSON Web Tokens (JWT): claim manipulation, insecure algorithms, expiration and signature validation. Identify and exploit business logic vulnerabilities, particularly in e‑commerce platforms (price manipulation, payment bypass, discount abuse, privilege escalation). Discover and exploit common and advanced web vulnerabilities, including: IDOR / BOLA, BFLA Mass Assignment and insufficient server‑side validation. Produce clear and technical pentesting reports, including proof of concept, business impact and actionable remediation recommendations. Collaborate with development and security teams to explain attack vectors and mitigation strategies. Stay up to date with OWASP Top 10 (Web & API) and emerging web attack techniques. Must‑Have Requirements Practical experience testing REST APIs. Solid knowledge of OAuth 2.0 / OpenID Connect. Strong understanding of JWT structure, validation and common attack vectors. Ability to identify and exploit business logic flaws, especially in e‑commerce scenarios. Advanced usage of Burp Suite, complemented by manual testing techniques. Ability to write clear, technical and actionable reports. Offensive mindset and strong analytical skills. Nice‑to‑Have Experience testing GraphQL APIs. Experience with e-commerce platforms. Security certifications (OSCP, OSWE, eWPT, CRTO or similar). Experience with CI/CD or DevSecOps environments. Participation in CTFs or bug bounty programs. Languages English required. Spanish a plus. Seniority level Mid–Senior Employment type Full‑time Job function Information Technology Computer and Network Security Get notified about new Penetration Tester jobs in Mexico City, Mexico. #J-18808-Ljbffr
-
Penetration Tester
hace 2 semanas
Mexico City Dell GmbH A tiempo completoPenetration Tester Dell GmbH•Ciudad de México, Mexico Descripción del trabajo Penetration Tester Únete a nosotros como Analista Senior en nuestro equipo de Pruebas de Penetración en Ciudad de México – Presencial en Santa Fé, para realizar el mejor trabajo de tu carrera y generar un impacto social profundo. El candidato ideal posee un sólido...
-
Penetration Tester
hace 2 semanas
Mexico City Dell GmbH A tiempo completoPenetration Tester Dell GmbH•Ciudad de México, Mexico Descripción del trabajo Penetration Tester Únete a nosotros como Analista Senior en nuestro equipo de Pruebas de Penetración en Ciudad de México – Presencial en Santa Fé, para realizar el mejor trabajo de tu carrera y generar un impacto social profundo. El candidato ideal posee un sólido...
-
Penetration Tester
hace 3 semanas
Mexico City Dell GmbH A tiempo completoPenetration Tester Únete a nosotros como Analista Senior en nuestro equipo de Pruebas de Penetración en Ciudad de México – Presencial en Santa Fé, para realizar el mejor trabajo de tu carrera y generar un impacto social profundo. El candidato ideal posee un sólido entendimiento de las superficies de ataque en tecnologías web, redes y sistemas...
-
Penetration Tester
hace 3 semanas
Mexico City Dell GmbH A tiempo completoPenetration Tester Únete a nosotros como Analista Senior en nuestro equipo de Pruebas de Penetración en Ciudad de México – Presencial en Santa Fé, para realizar el mejor trabajo de tu carrera y generar un impacto social profundo. El candidato ideal posee un sólido entendimiento de las superficies de ataque en tecnologías web, redes y sistemas...
-
Senior Penetration Tester
hace 3 semanas
Mexico City Dell A tiempo completoA leading global technology company is seeking a Penetration Tester to join their team in Mexico. The role involves conducting authorized penetration testing exercises, reporting on security issues, and collaborating with the development of cybersecurity strategies. The ideal candidate will have at least 2 years of experience in Information Security with...
-
ESPECIALISTA SEGURIDAD APLICATIVA
hace 1 semana
Mexico City Grupo Financiero Banorte A tiempo completoEn Banorte buscamos talento único, fuerte y extraordinario, que impulse la transformación e innovación del país, convirtiéndonos en un gran aliado para crecer fuerte con México. Estamos convencidos que la combinación de solidaridad, innovación, respeto, lealtad y responsabilidad es la fórmula perfecta para ser el mejor equipo del sector financiero....
-
ESPECIALISTA SEGURIDAD APLICATIVA
hace 1 semana
Mexico City Grupo Financiero Banorte A tiempo completoEn Banorte buscamos talento único, fuerte y extraordinario, que impulse la transformación e innovación del país, convirtiéndonos en un gran aliado para crecer fuerte con México. Estamos convencidos que la combinación de solidaridad, innovación, respeto, lealtad y responsabilidad es la fórmula perfecta para ser el mejor equipo del sector financiero....
-
Expert Cybersecurity Penetration Tester
hace 2 días
Mexico City beBeePenetration A tiempo completoSecurity Expert Opportunity About Us: We are a leading technology services organization, providing high-value services to our clients. Experience a collaborative and inclusive work environment where you belong. Job Description The role of the security expert is to conduct thorough penetration tests on networks and web applications. Additionally, this...
-
Senior Web App Pentester – Hybrid
hace 1 semana
Mexico City wizlynx group A tiempo completoA global Cyber Security provider is seeking a Penetration Tester (Mid-Senior level) for a hybrid role based in Mexico City. The candidate will focus on manual penetration testing of web applications and REST APIs, ensuring the security of e-commerce platforms. Successful applicants will have strong analytical skills and an understanding of business logic...
-
Application Tester
hace 1 semana
City, México Solera A tiempo completoWho We Are The Role What You’ll Do - Work as a member of the Application Security Team to pentest APIs, Web Apps, Mobile Apps and Web Services. - Collaborate with the Dev Team to remedate security vulnerabilties. - Conduct vulnerability assessments - Perform penetration testin to identify weaknesses and assess their potential impact. - Analyze test...
