Ethical Hacker (Application Security)
  • Málaga
  • Experienced professional
  • Full-time

Experience Level

Experienced professional

Area

IT

Employment Type

Full-time

Company

Drees & Sommer

Start Date

By arrangement

YOUR TASKS

We are looking for a highly skilled and motivated Ethical Hacker (Application Security) to strengthen our Cybersecurity Operations team. In this role, you will help secure the digital backbone of our organization by identifying vulnerabilities, simulating real-world attacks, and ensuring our applications are resilient against evolving threats. You’ll work closely with developers, architects, and IT teams to embed security into every stage of the development lifecycle.

Your Responsibilities 

  • Conduct penetration tests and security assessments on web, mobile, and cloud-based applications 

  • Integrate SAST, DAST, SCA, and secrets-scanning tools into build pipelines; enforce security gate policies and champion secure coding standards with development teams

  • Perform code reviews and threat modeling in collaboration with development teams 

  • Develop and maintain secure coding guidelines and best practices 

  • Support incident response teams with forensic analysis and root cause investigations 

  • Stay current with the latest vulnerabilities, attack vectors, and mitigation techniques 

  • Contribute to security awareness and training initiatives across the organization 

  • Plan and execute quarterly red-team simulations. Translate findings into new detections, control enhancements, or developer training

  • Provide architectural guidance for new product features, focusing on threat modelling, security design reviews, and compliance (OWASP, GDPR).

Your Profile

  • Strong hands-on experience in ethical hacking, penetration testing, or red teaming 

  • Proficient in tools such as Burp Suite, OWASP ZAP, and custom scripts 

  • Solid understanding of common vulnerabilities (OWASP Top 10, CWE) and secure development practices 

  • Comfortable reading and reviewing code in languages such as C#, Python, Java, JavaScript, and SQL 

  • Familiarity with frameworks like AngularJS 

  • Awareness of AI/LLM-related application security risks is a plus 

  • 3–5 years of experience in penetration testing or security consulting preferred 

  • Degree in Computer Science, Information Security, or a related field 

  • Professional certifications such as OSCP, OSWE, or BSCP are a strong advantage 

  • At least 2 years of experience in information security-related roles 

Your Advantages

  • A dynamic and collaborative environment where cybersecurity is a strategic priority 

  • A team that values creativity, initiative, and continuous improvement 

  • To ensure your work-life balance, we offer the option of mobile working 

  • We promote your professional and personal development through individual training and further education at the Drees & Sommer Academy 

  • We support your health with a bonus for sports enthusiasts. We offer the possibility of subscribing to a private health insurance policy 

  • Employees benefit from tax advantages related to their commuting expenses for the office 

About Us

Creating a future worth living for future generations gets us out of bed every morning. Depending on the project, we are consultants, implementers, or both for sustainable, innovative and economical solutions for real estate, industry, energy and infrastructure. Our more than 6,500 employees at 70 locations worldwide support our customers in interdisciplinary teams. Our thinking is both visionary and realistic. We work independently and as part of a team. With passion and the latest technologies. We unite. Join us at Dreso and let’s create a world we want to live in.

APPLICATION PROCESS

Want to learn more? Apply today in 5 minutes through our job portal.

True to our statement “Blue is boundless”, we welcome applications from people who are as diverse as we are—regardless of age, disability, ethnic origin or nationality, gender, religion, sexual orientation, or social background.

You can find out more about our application process and our FAQs here.

Contact

YOUR CONTACT PERSON

Still have questions? Then please feel free to contact us!

Concha Mendez Garcia
Human Resources

Tel.: +34 666 743738

We look forward to receiving your application.
