Junior Penetration Tester - Pentester

Company Description

Creating a future worth living for future generations gets us out of bed every morning. Depending on the project, we are consultants, implementers, or both for sustainable, innovative and economical solutions for real estate, industry, energy and infrastructure. Our 6,500 employees at over 70 locations worldwide support our customers in interdisciplinary teams. Our thinking is both visionary and realistic. We work independently and as part of a team. With passion and the latest technologies. We unite. Join us at Dreso and let’s create a world we want to live in.

Job Description

We are seeking an Entry-Level Penetration Tester (Junior Pentester) to support our cybersecurity team in identifying and assessing security vulnerabilities across systems, networks, and applications. This role offers hands-on experience in offensive security practices and operates under the guidance of senior penetration testers. You will contribute to strengthening the organization’s security posture by simulating real-world attack scenarios and supporting remediation activities.

Key Responsibilities

• Conduct and support vulnerability assessments and penetration testing engagements across networks, systems, web applications, and cloud environments
• Identify, validate, and document security vulnerabilities and misconfigurations
• Assist in developing proof-of-concept (PoC) exploits and attack simulations
• Prepare clear and structured reports detailing findings, impact, and remediation recommendations 
• Collaborate with IT, DevOps, and security teams to track remediation activities
• Maintain and configure penetration testing tools (e.g., Nmap, Burp Suite, Metasploit)
• Stay up to date with emerging threats, vulnerabilities, and offensive security techniques 

Qualifications

• Degree in Computer Science, Cybersecurity, Information Technology, or a related field 
• At least one recognized penetration testing certification (CEH, OSCP, CompTIA PenTest+, GPEN) 
• Basic understanding of:
  • Networking protocols (TCP/IP, DNS, HTTP)
  • Linux and Windows operating systems 
• Internship or hands-on lab experience in penetration testing
• Participation in CTFs (Capture the Flag) or bug bounty programs
• Familiarity with cloud environments (Azure, AWS), security frameworks (e.g., OWASP, NIST) and penetration testing tools (Nmap, Burp Suite, Metasploit, Wireshark)
• Understanding of vulnerability scanning and exploitation concepts
• Basic scripting skills (Python, Bash, or PowerShell)
• Understanding of common attack techniques (e.g., reconnaissance, privilege escalation)
• Strong analytical and problem-solving abilities
• Strong attention to detail when identifying vulnerabilities
• Willingness to learn and adapt in a fast-evolving threat landscape
• Ability to work both independently and as part of a team
• Advanced English level (C1)

Additional Information

• To ensure your work-life balance, we offer the option of mobile working
• We promote your professional and personal development through individual training and further education at the Drees & Sommer Academy
• We support your health with a bonus for sports enthusiasts. We offer the possibility of subscribing to a private health insurance policy
• Employees benefit from tax advantages related to their commuting expenses for the office
• Fiscal advantages for employees expenses in meal costs during the worktime. Employee referral program with attractive bonus scheme 
• Supporting career and family by receiving tax benefits for kindergarten expenses