Are you a penetration tester with several years of experience?

Combitech is now looking for experienced penetration testers to join our team located in Gothenburg, Stockholm, Linköping, and Sundsvall. As a penetration tester at Combitech, you will be part of a unit consisting of specialists in Penetration Testing and Red Teaming.

Your role as a penetration tester

The penetration testing unit at Combitech is a technically strong and socially cohesive team, geographically spread across several locations in Sweden. We work broadly, from IoT and web security to networks, Active Directory, Automotive, and OT/ICS, taking on complex assignments for government agencies, the defense industry, industry, and the financial sector.

The tasks in this role involve executing assignments for our clients. The core of our working method is always collaboration, where we work with team deliveries where different competencies complement each other to ensure higher quality, better problem-solving, and continuous learning. To facilitate this, we have regular meetings where we share experiences, methodologies, and updates, as well as create spaces for technical discussions and planning, so everyone can feel involved and contribute their knowledge.

We invest in your development and offer you support for certifications, time for learning, and the opportunity to represent us at conferences and in professional networks. This is a place where you contribute and grow, both professionally and personally.

Each assignment concludes with a report and often a corresponding presentation, both in Swedish and English. You will communicate with both technically knowledgeable individuals and those without a technical background.

Travel is frequent in this role as many of our assignments require us to be on-site with our clients due to security protection reasons, as well as to perform tests that require physical proximity to the test object.

The locations for the positions are Gothenburg, Stockholm, Linköping, or Sundsvall.

Who are you?

We are looking for senior penetration testers with at least five years of experience in the field. You are well-versed and confident regarding approaches, methodologies, and techniques in penetration testing including planning, scoping, and test design, and you have encountered many types of IT environments in your career. You have knowledge of relevant standards, frameworks, and methods (e.g., OWASP, TIBER, etc.), a strong technical foundation in networks and infrastructure, good operating system knowledge (Linux and Windows), and experience with virtualization/containers.

As a senior, we also believe that you are accustomed to helping plan, define assignments, and contribute to test plans for various projects. In other words: you can take project/delivery responsibility, lead test teams, deliver timelines, estimations, and sign-offs. A technical degree is desirable, but your experiences and personal qualities weigh heavier than a specific degree.

To thrive in the role, you are flexible and able to travel, build client relationships, and work onsite as needed, which is crucial for maintaining good relationships and successful projects. You find it easy to collaborate with others and contribute to a positive atmosphere in the unit. We are a technical team that supports each other and helps where needed; we believe you share our joy in spreading knowledge to colleagues and helping each other move forward. You are structured in your work and have a strong ability to express yourself in both Swedish and English, in both speech and writing.

We understand that you may not have experience in all these areas, but we value your expertise in several of them. Certifications such as OSCP, SANS/GCIA/GPEN, CREST, or ISC2 can be meritorious, as these are often requested by our clients. Experience in Red Team work, scenario-based testing, and threat actor simulation is also valuable. Other areas that may be relevant include in-depth knowledge of Active Directory and Windows internals, practical experience in cloud security in AWS, Azure, or GCP, including IAM and cloud attacks, as well as cloud-related certifications. Competence in web security and advanced tools like Burp Suite, experience with AI and LLM, OT security and industrial systems, wireless communication, and IoT security are of interest. We also view positively knowledge in hardware and embedded systems, programming and scripting, exploit development, reverse engineering, and malware analysis, secure code review, and OWASP ASVS, as well as experience with storage solutions and advanced network architectures.

As the position involves work subject to defense secrecy, you are required to undergo and be approved in a security clearance with a background check.

Selection will take place in January due to the Christmas holiday. We look forward to your application!

Come & make a difference

For us, our employees are the key to building a smart and resilient society. We know that the impact of today’s technology can only reach its full potential when the right people are in the right place using it. We believe in the power of collective intelligence and experience - something that arises when individuals with different skills and perspectives meet. Therefore, we prioritize diversity and inclusion, as we know it is crucial for enhancing creativity, innovation, engagement, and well-being.

Want to know more about what it’s like to work with us? Check out our career pages!

Contact person: Jonas Wennerberg, recruiting manager, jonas.wennerberg (@) combitech.com

We kindly decline recruitment collaborations.