We are looking to hire a penetration tester, local or remote. The job involves security testing of systems and applications. The bulk of our work is testing web applications and web services, we also do network security tests, hardware security, redteaming, custom systems/applications, etc. Our clients are large companies with a lot of exciting systems and applications they let us hack. :)

We offer a salary (obviously), home office compensation, cell phone with paid subscription, laptop, company car with fuel card or train/public transport pass, lunch vouchers, eco cheques and hospitalization insurance. We encourage our employees to do trainings and certifications (and pay training/certification fees). We are a small company and can be quite flexible.

For fully remote work, we prefer somebody located in EU.

For local, most of the work at the moment will be done from home. Occasionally projects require on-site presence.

We are looking for somebody with solid knowledge and understanding of IT security. Since the most of our work is related to web apps, knowing and fully understanding vulnerabilities and attacks from OWASP Top 10 is a requirement. During the interview we will ask you to explain the step by step attack scenarios, security impact of the attack, mitigation factors and possible fixes. Good knowledge of TCP/IP and networking, operating systems security, mobile security is a definite plus. Electronics experience is welcome. Prior software development or IT operations experience is a plus too. Good written and spoken English is a requirement, Dutch and/or French is a plus. We do not require specific education level or certificates, but if you have them it's good.

Send your CV to jobs@gremwell.com with [Job] in subject.

We perform the security testing of all kinds of IT systems: web applications, mobile applications, custom client-server applications, telephony and VoIP systems, hardware, systems, networks, etc. The goal of a security test is to identify the security vulnerabilities in the system under test, assess their business impact and provide recommendations for fixing them. Read more about how we work...

Web application security tests

Mobile applications security tests

Internal and external network tests

Social engineering and phishing

Penetration testing and redteaming

Telephony and VoIP systems security tests

Hardware security tests

Custom application and system security tests

Secure development training

We work in confidentiality and value our clients' privacy. Therefore we can not provide the names of all our clients. However some of our clients have given us their permission to use them as a reference:

Proximus. Belgium's telephone and mobile operator.

Allianz Benelux. Insurance and financial services.

Portima. IT Solutions for insurance industry.

DEME Group. Dredging and land reclamation.

DKV Belgium. Health insurance and related services.

Barco. Digital projection and imaging technology.