VACANCY ANNOUNCEMENT

Company: NOVUS

Position: Penetration Tester (5 Positions)

Employment type: Full-time

Location: Prishtina (On-site)

Recruitment status: We are continuously recruiting talented cybersecurity professionals.

Novus is an IT company, working with clients on information security, risk management, infrastructure, and compliance-related projects. We are expanding our cybersecurity team and are looking for motivated professionals who want to grow in the security field.

Tasks and responsibilities.

• Plan, scope, and execute penetration tests on web applications, APIs, network infrastructure, cloud environments, mobile applications and wireless networks for Novus clients.
• Conduct vulnerability assessments and validate findings through manual exploitation to eliminate false positives and demonstrate real-world business impact.
• Perform red team engagements, social engineering campaigns (phishing, vishing), and adversary simulation exercises aligned with MITRE ATT&CK and TIBER-EU frameworks.
• Test compliance with industry standards and regulatory requirements (PCI DSS, ISO/IEC 27001, DORA, NIS2, BaFin/BAIT) and produce evidence to support client audits.
• Develop, maintain, and improve internal testing methodologies, tooling, scripts, and playbooks based on OWASP, OSSTMM, NIST SP 800-115, and PTES.
• Prepare clear, professional penetration testing reports with executive summaries, detailed technical findings, risk ratings (CVSS), reproduction steps, and prioritized remediation guidance.
• Present findings and remediation plans to Novus clients’ technical teams and management, including post-engagement debriefs and retesting of remediated issues.
• Evaluate offensive security tools and technologies to identify the most suitable solutions for Novus client’s.
• Prepare technical proposals within their area of expertise and assist in evaluating client requirements and scoping engagements.
• Work closely together with Novus team to identify and propose new technology solutions, service offerings, and project opportunities in offensive security.
• Take part in group meetings, presentations, workshops, and other events where he/she can provide additional expertise and contribute to Novus reputation and service excellence.
• Assist other Novus staff members on project deliverables in fields where he/she is an expert, including incident response support and threat hunting engagements.
• Stay up to date with the latest cybersecurity threats, attack techniques, exploits, CVEs, and defensive technologies. Continuously enhance his/her knowledge through new training and related field certifications, which are crucial for Novus partnership development.
• Prepare professional documentation of projects that he/she is involved in, ensuring confidentiality, chain of custody, and secure handling of client data and findings.

How to Apply

To apply, please send your CV to [email protected] clearly stating the position title in the email subject line.

Relevant certifications, projects, GitHub profiles, portfolios, or security write-ups are considered an advantage.