Senior Penetration Tester / Security Engineer

Join ARHS Group, part of Accenture, as a Senior Penetration Tester / Security Engineer (m/f), and bring your security expertise to projects that are shaping the digital future of Europe. If you’re passionate about application security, comfortable with tools like Burp Suite, Nmap, Metasploit, or Nessus, and active on platforms like HackerOne, Hack The Box, or TryHackMe—then we’d love to meet you. You’ll become a key member of our internal cybersecurity team in Luxembourg, contributing to high-impact projects for major European institutions, all while working in a dynamic and innovation-driven environment. THE WORK:

• Perform automated and manual penetration testing on web and mobile applications, as well as on cloud and on-premise infrastructures.
• Identify and help mitigate vulnerabilities, proposing secure architecture improvements and solutions.
• Provide support to development teams, promoting secure coding practices and integrating security into the software development lifecycle (DevSecOps).
• Work closely with customers to understand their security needs and ensure those are effectively met.
• Analyse and enhance current penetration testing methodologies.
• Write and present concise, technical, and actionable reports.
• Contribute to internal knowledge sharing and continuous team development.
• Act as a security advocate within the organization, driving innovation and improvement.

The work location for this role is an ARHS – Part of Accenture office. Our roles require in-person time to encourage collaboration, learning, and relationship-building with clients, colleagues, and communities. As an employer, we will be as flexible as possible to support your specific work/life needs. HERE’S WHAT YOU’LL NEED:

• A Master’s degree in Computer Science, Information Security, or equivalent (or solid practical experience in cybersecurity).
• 4+ years of professional experience in penetration testing or red teaming.
• Proven experience with internal pentests and/or red team exercises.
• Strong knowledge of common penetration testing tools and techniques.
• Ability to think critically, learn fast, and stay up to date with emerging threats and vulnerabilities.
• Proficiency in writing clear and detailed technical reports.
• You have or are planning to pursue one or more of the following: OSCP, OSWE, eCPPTv2, CHFI, GIAC GPEN.

Technical environment:

• Security standards: OWASP Top 10, MITRE ATT&CK
• Tools: Burp Suite Pro, Kali Linux, Nessus, Metasploit, Nmap
• DevSecOps principles and secure SDLC
• Programming/scripting: Java, C/C++, PHP, Python
• Networking: OSI/TCP stack, network protocols
• Cloud: Familiarity with AWS and/or Azure environments
• Methodologies: Agile practices

BONUS POINTS IF YOU HAVE:

• Previous experience in software development.
• Hands-on experience in bug bounty programs or exploit development.
• Holding AWS Certified Security, Azure Security Engineer Associate certifications.