Penetration Tester (Brydge) at 54 Collective

• We are looking for a skilled Penetration Tester to play a crucial role in safeguarding our platform, ensuring our clients can trust Brydge for secure transactions across the globe.

Key Responsibilities

• Conduct comprehensive penetration testing on Brydge’s B2B payments platform, identifying and exploiting security vulnerabilities in web applications, networks, and APIs
• Perform thorough security assessments of Brydge’s financial services ecosystem, including cloud environments, to ensure the safety of domestic and international transactions
• Simulate real-world cyberattacks on critical infrastructure, including our trade finance and order-2-cash automation workflows
• Collaborate with the development teams to implement security patches and provide actionable recommendations for mitigating vulnerabilities
• Provide detailed reports on findings and remediation strategies, ensuring transparency with both technical and non-technical stakeholders
• Monitor and stay updated on the latest cybersecurity threats, ensuring that Brydge remains ahead of potential attacks
• Assist in creating and maintaining security documentation and playbooks to improve security awareness and practices across the organisation
• Ensure compliance with relevant regulations and security standards, especially those associated with financial technology platforms

Required Skills And Qualifications

• Minimum 5 years of roven experience as a Penetration Tester or Ethical Hacker, preferably in the financial services or fintech industry
• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent practical experience)
• Strong understanding of penetration testing frameworks such as OWASP, PTES, and NIST
• Expertise with security tools like Burp Suite, Metasploit, Nmap, Nessus, and other vulnerability assessment tools
• Familiarity with cloud security (AWS) and containerised environments (Docker, Kubernetes)
• Experience with payment systems and financial technologies is a plus
• Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automating security tasks
• Understanding of key security concerns around B2B payment systems, trade finance, and global transactions
• Relevant certifications such as OSCP, CEH, GPEN, or CISSP are preferred
• Strong analytical, problem-solving, and critical thinking abilities
• Detail-oriented and committed to providing high-quality, actionable reports
• Excellent communication skills, able to explain technical findings to non-technical stakeholders
• Ability to work independently and as part of a team

Nice to Have

• Experience with social engineering techniques and physical penetration testing
• Familiarity with compliance standards such as PCI-DSS or ISO 27001