Pentester/Ethical Hacker
At DongIT, we believe good security starts with curiosity and creativity. We are looking for an Ethical Hacker who enjoys breaking things for the right reasons and helping organizations improve their security. If you thrive on finding vulnerabilities, sharing knowledge, and working together in a skilled and friendly team, this role may be the right fit for you.
About the Role
As an Ethical Hacker at DongIT, you will be directly involved in testing and improving the security of web applications, APIs, mobile apps, networks, and even IoT systems. Our projects vary: from black-box pentests to red team exercises, phishing simulations, and social engineering assessments. Your primary goal is to identify weaknesses, demonstrate their actual impact, and produce reports that clients can understand and utilize to enhance security.
What You’ll Do
- Perform penetration tests on web applications, APIs, mobile apps, networks (internal and external), and IoT devices.
- Review cloud environments (AWS, Azure, GCP) to find misconfigurations and security risks.
- Examine source code to detect vulnerabilities.
- Detect and exploit vulnerabilities to show risk and impact.
- Write clear, actionable reports that help clients improve their security.
- Discuss findings with clients and support remediation.
- Research new vulnerabilities and attack techniques to stay sharp.
- Contribute to red team, phishing, or social engineering projects.
- Collaborate with the team to deliver high-quality results and share knowledge.
- Keep improving your skills through projects, training, and certifications.
Note: Don't worry if you don't tick every box. We value curiosity, a hacker mindset, and a willingness to learn more than a perfect match.
What We’re Looking For
Required Skills & Experience:
- Someone with a hacker mindset: curious, creative, and persistent in finding security weaknesses.
- Experience in pentesting, security consulting, or related work.
- Knowledge of common vulnerabilities and tools such as Burp Suite, Nmap, Metasploit, etc.
- Basic scripting skills (Python, Bash) and networking knowledge.
- Ability to explain technical issues clearly to clients and colleagues.
- Enjoys working in a friendly and supportive team.
Nice to have:
- Mobile testing experience (iOS/Android).
- Knowledge of cloud platforms (AWS, Azure, GCP).
- Skills in reverse engineering or malware analysis.
- Experience with red team engagements or advanced exploitation techniques.
- Relevant certifications (OSCP, OSWE, eCPPT, eMAPT, eCPTX or similar).
Why Work at DongIT?
- Exciting Projects – Work on diverse pentests for leading organizations, from web apps to mobile and networks.
- Real Impact – Your findings directly help clients strengthen their security and protect critical systems.
- Small, Skilled Team – Collaborate with passionate developers and security specialists.
- Hybrid Work – Flexible remote work options or join us at our Leiden office (5 min from the station!).
- Personal Growth – Time and budget for training, courses, and certifications.
- Great Work Atmosphere – Informal, friendly environment with fun team events.
- Competitive Salary – Based on experience and education level.
- Extras – Pension plan, travel compensation, NS train card, and a high-end laptop.
Ready to Join Us?
If you enjoy thinking like a hacker, finding vulnerabilities, and helping clients improve their security, we'd love to hear from you!
Apply now and become part of the Pentesting team at DongIT!
Note: Acquisition in response to this vacancy is not appreciated. We do not accept candidates through third parties, including recruitment parties, employment agencies, headhunters, and outsourcing organizations.