Pentest Coordinator

Sopra Steria

Location:
Spain, Madrid

Contract Type:
Not provided

Salary:

Not provided

Job Description:

We are looking for a Pentest Coordinator to join our team. The role involves coordinating the full lifecycle of pentesting and SAST services, acting as the primary link between internal Cybersecurity teams and vendors, and ensuring service delivery alignment with internal policies.

Job Responsibility:

  • Full-service coordination lifecycle of pentesting and SAST services:
      • Planning: Validate requirements, define scope, and organize kick-off / closing meetings with the Business and
      • Execution: Ensure providers have the necessary credentials, environments, and permissions
      • Monitoring: Track progress, support resolution of blocking points, and ensure adherence to guidelines and good practices
      • Closure: Review reports, validate findings, and coordinate remediation plans
  • Act as the primary link between the internal Cybersecurity teams and pentesting service vendors
  • Ensure service delivery alignment and compliance with internal policies during testing

Requirements:

  • From 3 to 5 years (SSr) of proven working experience in cybersecurity fields like vulnerability management, security assessment/testing or application security (mandatory)
  • Experience coordinating activities/services (process-oriented, not people-oriented) (mandatory)
  • Experience in managing and communicating with vendors
  • Strong knowledge of application security and penetration testing methodologies
  • Familiarity with web, mobile, and API technologies
  • Global knowledge of application security architecture (application layering, DMZs, WAFs, etc.), network segmentation, web application security best practices like development environments (dev, prod, test)
  • Ability to interpret and validate technical reports (important)

What we offer:

  • 23 days annual leave
  • Continuous training: technical and transversal skills and languages
  • Life and accident insurance
  • Flexible benefits program (health insurance, meal vouchers, childcare vouchers, mobility, and training)
  • “Privilege Club” access, where you will find deals for several brands
  • Detailed and personalized onboarding
  • Recreational spaces in our offices
  • Companionship and great working environment
  • Opportunity to develop your professional career with an individualized career development plan

Additional Information:

Job Posted:
April 16, 2026

Employment Type:
Fulltime

Similar Jobs for Pentest Coordinator

Product Security Engineer

We are looking for a highly skilled PSIRT Engineer to lead the vulnerability res...
Location:
United States, Foster City
Salary:
180000.00 - 325000.00 USD / Year
Replit
Expiration Date:
Until further notice
Requirements:
  • Experience running or triaging for bug bounty programs (HackerOne ideally)
  • Strong ability to triage, validate, and reproduce vulnerabilities independently
  • Deep understanding of web/app/cloud vulnerability classes, OWASP Top 10, misconfigurations, authN/Z issues, etc.
  • Familiarity with cloud platforms (GCP preferred) and SaaS architectures
  • Strong understanding of CI/CD workflows, code structure, and software engineering fundamentals
Job Responsibility:
  • Manage intake from bug bounty platforms (HackerOne preferred), customer reports, automated scanners, pentest reports, and coordinated disclosure channels
  • Independently validate, reproduce, severity-score, and document findings
  • Identify duplicates and maintain a clean vulnerability records pipeline
  • Assess relevance and exploitability using OWASP, cloud misconfiguration patterns, and identity/authentication/authorization risks (OAuth, OIDC)
  • Work with Engineering, SecOps, IT, SRE, and Cloud Security to confirm product impact and drive remediation
  • Provide detailed reproduction steps, proof-of-concepts, and technical analyses
  • Track SLAs, remediation progress, regression testing, and systemic improvements
  • Support SOC 2, ISO 27001, and pentest evidence needs as part of vulnerability lifecycle governance
  • Design and evolve the bug bounty program, including scope, rules, and reward structures
  • Manage platform selection, private vs. public launches, and community engagement
What we offer:
  • Competitive Salary & Equity
  • 401(k) Program with a 4% match
  • Health, Dental, Vision and Life Insurance
  • Short Term and Long Term Disability
  • Paid Parental, Medical, Caregiver Leave
  • Commuter Benefits
  • Monthly Wellness Stipend
  • Autonomous Work Environment
  • In Office Set-Up Reimbursement
  • Flexible Time Off (FTO) + Holidays
  • Fulltime

Senior Application Security Engineer

The Security team at Zip is responsible for protecting the confidentiality and i...
Location:
United States, San Francisco
Salary:
160000.00 - 220000.00 USD / Year
Zip
Expiration Date:
Until further notice
Requirements:
  • Experience writing production-quality code for security tooling and services
  • Strong written and verbal communication with internal and external stakeholders
  • A solid understanding of security risks and the ability to balance security with business requirements
  • Experience with web applications, APIs, and cloud environments. At Zip, our stack includes Python, React, GraphQL, Kubernetes, and AWS
Job Responsibility:
  • Design and implement technical controls to eliminate or mitigate classes of security vulnerabilities
  • Support the development of secure products through design reviews, threat models, static/dynamic scans, and hands-on security assessments
  • Validate, triage, and coordinate security findings from bug bounty and third party pentests
  • Mentor security analysts and security champions on security best practices and techniques
What we offer:
  • Start-up equity
  • Full health, vision & dental coverage
  • Catered lunches & dinners for SF employees
  • Commuter benefit
  • Team building events & happy hours
  • Flexible PTO
  • Apple equipment plus home office budget
  • 401k plan
  • Fulltime

Senior Engineer, Security

As a Senior Security Engineer you will be a subject matter expert responsible fo...
Location:
United States, Boston, MA
Salary:
Not provided
AtScale
Expiration Date:
Until further notice
Requirements:
  • 6+ years Security Engineering / AppSec experience in high-scale distributed systems
  • Experience securing both cloud and on-prem enterprise software deployments
  • Strong hands-on technical background: code, runtime debugging, containers, K8s, CI/CD
  • Expert level understanding in CVEs, vulnerability management, dependency management, SBOM
  • Experience building/operationalizing threat detection, telemetry, and security logging pipelines
  • Strong SOC 2 execution experience (control implementation + evidence + testable automation)
  • Able to work cross-functionally and influence
Job Responsibility:
  • Hands-on development and tooling to secure code, containers, runtime, and deployment pipelines
  • Lead CVE remediation efforts and build sustainable CVE automation and gating
  • Implement security telemetry, malware detection, anomaly detection, and secure phone-home supportability for on-prem customers
  • Drive secure coding practices, static/dynamic analysis, threat modeling, and secure SDLC enablement
  • Collaborate with Platform, SRE, DevOps, and QA to harden infra, IAM, and default configurations
  • Participate deeply in code reviews, architecture reviews, and design reviews
  • Lead CrowdStrike SIEM integration efforts, including building custom connectors and data pipelines to enhance visibility, detection coverage, and security monitoring capabilities.
  • Work directly with Sales, Sales Engineering, and customers on security posture, audits, POCs, compliance reviews, and enterprise buyer security questions
  • Own security observability and monitoring, defining logs, metrics, alerts, and dashboards to ensure real-time visibility and rapid threat detection.
  • Manage and coordinate 3rd-party penetration testing engagements, scope definition, evidence delivery, and remediation plans
What we offer:
  • Competitive compensation, including equity.
  • Flexible, remote-friendly work environment with a strong culture of ownership and trust.
  • Unlimited PTO and competitive benefits.
  • The opportunity to directly shape AtScale’s growth by building the team that powers our next phase.
  • Fulltime

Application Security Engineer

Location:
Salary:
Not provided
Ryz Labs
Expiration Date:
Until further notice
Requirements:
  • Minimum 3-5 years of experience in secure software development, Security Architecture, threat modeling, or related roles
  • Relevant Professional certifications such as CISSP, OSCP, GWEB, CREST-CWAT or similar are highly desirable
Job Responsibility:
  • Work as an internal security consultant to help product & engineering teams understand the security risk and advise them on best practices
  • Design and implement secure architecture solutions for applications and systems
  • Conduct threat modeling exercises to identify and mitigate potential security threats
  • Document and communicate threat modeling findings and recommendations
  • Perform periodic Security Assessments and code reviews to ensure compliance with SSDLC practices
  • Perform proactive research to detect new attack vectors and pentest internal and external apps
  • Implement security controls and best practices within CI/CD pipelines. Automate the security testing tools and processes within the CI/CD pipeline
  • Develop security tools and security metrics
  • Manage and oversee the vulnerability disclosure program by coordinating with external researchers to validate and triage reported vulnerabilities
  • Develop and maintain security standards and guidelines for application development

Security Producer

Techland is one of the biggest video game companies in Poland, with over 30 year...
Location:
Poland, Warszawa; Wrocław
Salary:
Not provided
Techland S.A.
Expiration Date:
Until further notice
Requirements:
  • Proven experience in project or production management, preferably in tech, gaming or cybersecurity-related domains
  • Excellent organizational and communication skills – you can chase people for updates without being annoying
  • Comfortable working with engineers, IT, legal and external vendors – and keeping everyone on the same page
  • Experience using modern project tracking tools (e.g. Jira, Notion, Confluence, Miro)
  • Ability to turn abstract risks or findings into clear action items with timelines and assignees
  • Sense of ownership and accountability – you follow things through
  • Very good command of English
Job Responsibility:
  • Coordinating cross-functional security projects across teams: Security, IT, Technology, DevOps, and Game Development
  • Ensuring visibility and clear ownership of ongoing security initiatives – risk mitigation, hardening, compliance, incident readiness
  • Tracking progress of tasks across tools (e.g. Jira, Confluence) and maintaining up-to-date documentation
  • Helping define priorities, timelines and resource needs for security-related work
  • Working with external vendors (e.g. SOC, pentesters, auditors, outsource) – scheduling, communication, deliverables
  • Supporting internal stakeholders by translating security needs into actionable steps aligned with production reality
  • Facilitating communication between technical and non-technical participants in security projects
  • Collaborating with leadership to align security efforts with company goals and risk tolerance
  • Maintaining an overview of security budget, tooling costs and licenses
What we offer:
  • A wide array of benefits: private medical care, life insurance, pro-health campaigns, gifts for different occasions
  • An outstanding work atmosphere in a highly-skilled team of professionals, with flexible working hours, no dress code, and full support of the dedicated HR Business Partner
  • Many opportunities for personal development: a dedicated development budget for each employee, extra two paid days for training and CSR, stable career paths, extensive internal and external training, and financing of English and Polish language classes
  • State-of-the-art offices filled with chillout zones, a fully equipped kitchen, a gym (Wrocław office), and a free car park (Warsaw: limited number of spaces)

Senior Application Security (AppSec) Engineer

Location:
Japan, Tokyo 23 Wards
Salary:
10000000.00 - 16000000.00 JPY / Year
Randstad
Expiration Date:
April 30, 2027
Requirements:
  • 3+ years of experience in the applications security (AppSec) domain, including hands-on experience in code analysis, threat modelling, and an understanding of pentesting
  • Familiarity with key application security principles, frameworks, and technologies (e.g., CWE, MITRE, OWASP, CIS Benchmarks)
  • Strong communication skills and confidence to work closely with leads, senior devs, and the CTO, while being mature enough to handle reasonable pushbacks
  • Experience building security controls into CI/CD pipelines (GitHub actions, CircleCI, GitLab CI/CD)
Job Responsibility:
  • Flexible working style: Flex-time and hybrid working style
  • English & Japanese Usage: This position regularly coordinates with overseas stakeholders, and would be a great opportunity to utilize your English and Japanese abilities on a regular basis
  • Global Tech Environment: Support a diverse team in an industry-leading global company
What we offer:
  • Health insurance
  • Employees' pension insurance
  • Employment insurance
  • Saturday
  • Sunday
  • Public holidays
  • Fulltime

Information Security Operations Consultant

We are looking for an IS Operations Consultant to support the setup and operatio...
Location:
Salary:
Not provided
N-iX
Expiration Date:
Until further notice
Requirements:
  • 5+ years of experience in Information Security operations (SOC, VM, IR, or similar)
  • Strong hands-on knowledge of security technologies (SIEM, EDR/XDR, vulnerability scanners)
  • Experience working in enterprise or multi-entity environments
  • Familiarity with cloud security concepts (AWS, Azure, IAM, logging, encryption)
  • Working knowledge of regulatory frameworks such as ISO 27001, DORA, or NIS2
  • Experience supporting external security vendors (MSSP coordination is a plus)
  • Strong communication skills and ability to work across distributed teams
  • Fluent in English and Spanish
  • German is a plus
  • Certifications (CISSP, CISM, or similar) are advantageous but not mandatory
Job Responsibility:
  • Support oversight of external MSSP delivering 24x7 monitoring and incident response
  • Contribute to incident response coordination and post-incident reviews
  • Assist in strengthening cyber resilience through process improvement and operational enhancements
  • Support vulnerability management processes (validation, prioritization, remediation follow-up)
  • Coordinate penetration testing activities and tracking of remediation
  • Support the execution of security awareness campaigns and training monitoring
  • Contribute to alignment with regulatory and audit frameworks (ISO 27001, NIST, DORA, NIS2)
  • Support preparation of audit evidence and documentation
  • Assist in KPI reporting (vulnerabilities, risks, remediation status)
  • Contribute to maintaining consolidated security risk tracking
What we offer:
  • Flexible working format - remote, office-based or flexible
  • A competitive salary and good compensation package
  • Personalized career growth
  • Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)
  • Active tech communities with regular knowledge sharing
  • Education reimbursement
  • Memorable anniversary presents
  • Corporate events and team buildings
  • Other location-specific benefits

GRC Consultant

In Cyclad we work with top international IT companies in order to boost their po...
Location:
Poland
Salary:
110.00 PLN / Hour
Cyclad Sp. z o.o.
Expiration Date:
Until further notice
Requirements:
  • 3–6 years of experience as a GRC Consultant or in a similar IT security role
  • Solid knowledge of IT risk management, cybersecurity frameworks, and compliance practices
  • Strong understanding of Agile methodologies
  • Experience in vulnerability management and remediation
  • Ability to manage stakeholders and communicate effectively across teams
  • Strong analytical thinking and problem-solving skills
  • Independent, proactive mindset with a consultant approach
Job Responsibility:
  • Ensure deployment of security and continuity policies across the organization
  • Influence business decisions to align with security goals and objectives
  • Ensure applications are onboarded into relevant security tools (SAST, AVS, Pentests, SCA, ANON)
  • Promote security by design and security by default principles in software architecture and development
  • Support troubleshooting and debugging of security issues
  • Lead cross-functional vulnerability remediation initiatives
  • Participate in agile ceremonies (Sprint Planning, Backlog Review) with a strong focus on security
  • Provide regular reporting on application security levels and vulnerabilities to IT Risk & Cyber Security stakeholders
  • Share best practices with central IT Risk & Cyber Security teams and other security officers
  • Coordinate and follow up on continuity tests and exercises
What we offer:
  • Private medical care with dental care (covering 70% of costs). Family package option possible.
  • Multisport card (also for an accompanying person).
  • Life insurance.
  • Work with talented engineers on large-scale, technically challenging projects.
  • Fulltime