Red Team PenTester
Job Summary
About the Role
Were seeking a highly skilled Penetration Tester with hands-on offensive security experience to join our growing security this role you will assess the security posture of web applications networks cloud platforms and internal infrastructures through realistic attack simulations.
This position is ideal for someone who enjoys challenging technical work thrives in hands-on exploitation and can translate findings into clear risk-based guidance for both technical and non-technical audiences.
Key Responsibilities
Perform web application API network and infrastructure penetration tests
Identify exploit and document security vulnerabilities in real-world scenarios
Conduct manual testing beyond automated scanners
Execute adversary-style attack chains (lateral movement privilege escalation AD abuse)
Perform source code reviews (where applicable)
Assess cloud environments (AWS Azure GCP) for common configuration and architectural weaknesses
Produce high-quality reports with clear technical detail and business impact
Present findings and remediation guidance to engineering and management teams
Support remediation mitigation validation and retesting
Stay current with vulnerabilities exploit techniques TTPs and offensive security research
Required Skills & Experience
Technical Skills
3 years of hands-on penetration testing / offensive security experience
Strong understanding of:
oWeb vulnerabilities (OWASP Top 10 API security issues)
oInternal network and infrastructure attack techniques
oActive Directory exploitation (Kerberoasting delegation abuse ACL misconfigurations NTLM relay)
oPrivilege escalation on Windows and Linux
Experience using core offensive tools:
oBurp Suite Nmap Metasploit
oBloodHound CrackMapExec Impacket
Solid understanding of foundational concepts:
oTCP/IP DNS HTTP(S)
oAuthentication (Kerberos NTLM OAuth2 SSO)
Comfortable working in:
oLinux & Windows environments
oBash PowerShell and basic Python scripting
Strong reporting skills (technical clarity business impact)
Soft Skills
Excellent verbal and written communication skills
Ability to explain risks to both technical and non-technical stakeholders
Self-driven curious and proactive
Effective time management across multiple engagements
Professional client-facing demeanor
Nice to Have
Certifications: OSCP PNPT CRTO OSWE
Red Team / adversary simulation experience
Cloud penetration testing experience
Source code review skills (Java C# Python JavaScript)
Threat modeling and attack path analysis
Experience with EDR/AV evasion techniques (ethical/lab settings).
Creating Secure Connections and Infrastructure for a Smarter World
NXP Semiconductors N.V. (NASDAQ: NXPI) makes products and environments safer more sustainable and more secure with innovative connectivity and edge processing solutions for a smarter world.
We are in the business of better. Not just better technologies but better innovations to improve society. As the world leader in secure connectivity and processing solutions for embedded applications NXP is solving the worlds most complex technology challenges to accelerate business innovation enhance how we work and advance how we live.
Ready to create a smarter world Visit our career website and follow us on social: LinkedIn Facebook and Twitter.
What can you expect
Contract: This is a fulltime position with a permanent contract
Compensation: Besides a good salary you will be eligible for our bonus plan and receive lunch vouchers 25 vacation days and the possibility to buy company shares with a 15% discount. We also have flexible work hours and a work from home policy.
Development opportunities: We believe that a key component to growing our business is to develop our people. To enable you to grow your career at NXP we offer online and offline learning opportunities to help you develop some of your core and professional skills.
Our office: We are based in one of the high tech hubs in Bucharest with easy access to public transport and restaurants and parks close by. We have many relaxation areas on-site including a little library where you can borrow books sofas to relax in a quiet place and a cafeteria and restaurant in our common area.
Hiring process: Applying only takes a minute! Fill in the online application and share your CV with us. After a positive screening based on your CV you will have an initial phone or video conversation with our Talent Acquisition Consultant followed by several business interviews. Here are some useful tips to help you prepare.
And more: Life at NXP is more than work alone. We like to start our day with a free coffee and chat with a colleague and on Thursdays we have fresh fruits for all employees. Join us at one of the many social activities that are organized by and for employees such as our Christmas parties our employee childrens party and food fairs. Or help us give back to society by donating blood or collecting clothes and food for children in need.
Whats next
Candidates are invited to apply on our career page with the resume and motivation letter in English for one or several open jobs at the same time.
At the application stage all candidates should have a valid visa and work permit to work in Romania.
If youre excited about this opportunity we kindly invite you to apply!
Please note: The successful candidate may/will be responsible for security related tasks. The assignment may/will be in scope of security certifications therefore a conscious and reliable way of working is necessary.
#LI-9ccbAbout Company
NXP is a global semiconductor company creating solutions that enable secure connections for a smarter world.