Junior Offensive Security Engineer

Join to apply for the Junior Offensive Security Engineer role at Satispay. About Satispay Satispay was born to revolutionise everyday payments – making them simple, fair, and accessible to everyone. Now, the focus has moved even further, aiming to shape the future of money. We’re a movement empowering millions of people, driven by a shared purpose to tackle big challenges. And we’re just getting started. We move quickly, think boldly, and trust each other to challenge the norm, learning and growing as we go. If you’re looking for more than just your next job – if you want to build something impactful with a talented team – you’re in the right place. Role Overview As a Junior Offensive Security Engineer, you’ll support our team in securing our cloud infrastructure, mobile, and web applications. This is a growth‑oriented role where you will learn to identify vulnerabilities and help enhance our detection and mitigation strategies. What Your Day‑to‑Day Will Look Like Penetration testing – Perform penetration testing on mobile (iOS & Android) and web applications. Under the guidance of a senior engineer, you’ll use tools like Frida to bypass security controls and analyze app behavior at runtime. Code and architectural review – Develop the ability to review source code for logic flaws, collaborating with developers to implement secure design patterns, and assisting in reviewing cloud infrastructure for full security coverage. Scripting & automation – Develop scripts to automate repetitive testing tasks, create proof‑of‑concept exploits, and parse tool results to help the team move faster. Collaborate on defense – Work closely with the rest of the Security team to test monitoring capabilities, participate in attack simulations, and help improve overall detection strategies. Documentation and Reporting – Write technical reports of findings and help document remediation steps for development teams. Expect challenges, collaboration, and the freedom to bring your ideas to life. Things change quickly here, so be ready to adapt, take initiative, and shape your role as we grow. Who We’re Looking For Strong Foundations – Good knowledge of information security basics, networking, web application architecture, and familiarity with common web vulnerabilities (SQL injection, XSS, IDOR, race conditions). Hands‑on Experience – 0–2 years of experience. This could be from internships, university projects, active CTF participation, bug bounties, or personal research. Curious Mindset – You don’t just want to run a tool; you want to figure out how business logic can be bypassed and understand the “why” behind each vulnerability. Scripting Skills – Ability to read and write code in at least one scripting language (e.g., Python) for task automation and creating simple proof‑of‑concepts. Interest in Mobile Security – A strong interest in learning how to secure Android and iOS apps. Any exposure to Frida or Objection is a great starting point. Soft Skills – Clear communication, eagerness to learn, and proven capability of working collaboratively in a team environment. Nice‑to‑have Previous contributions to open‑source security tools or published CVEs/advisories. Cybersecurity certifications (e.g., eJPT, OSCP, PortSwigger certifications). Experience with standard penetration testing tools such as Burp Suite and Nmap. Familiarity with AWS or other cloud environments. Don’t worry if you don’t tick every box. We believe in the power of different viewpoints and strengths. Your unique perspective is important as we build something special. If you’re passionate and can make a difference, we truly encourage you to apply. Our Benefits & Perks We believe high commitment, effort, and impact deserve to be highly rewarded and supported. That’s why we created Satispay CareAbout, our way of making sure you’re supported in your well‑being, growth, and finances: