**Do you want to develop your professional career?** BBVA is a global company with more than 160 years of history operating in over 25 countries, serving more than 80 million customers. We are more than 121,000 professionals working in multidisciplinary teams with diverse profiles including finance, legal experts, data scientists, developers, engineers, and designers. **BBVA: Where your ideas become new opportunities. Join us!** **Main job function:** Conduct penetration tests on web, mobile applications, and APIs to identify security vulnerabilities. Analyze and validate technical findings, document risks, and generate clear reports focused on effective remediation of identified vulnerabilities. Your work will be key to strengthening the organization's security posture. **Academic background:** Professional degree in Systems Engineering, Telecommunications, Electronics, or related fields. Postgraduate education in Cybersecurity is required. **Type and years of experience:** Minimum of two (2) years of experience in offensive security roles such as Pentester, Ethical Hacker, Red Team, or Security Tester. **Technical knowledge/tools:** Proficiency with vulnerability analysis and exploitation tools such as: * **BurpSuite**, OWASP ZAP, Postman, Nmap, SQLMap, Frida, Ghidra, IDA Pro, Metasploit. * Industry reference frameworks such as **OWASP Top 10 (Web, API, Mobile)**, **SANS CWE Top 25**, **NIST**, and other industry best practices. Solid knowledge in: * Conducting security testing in web, mobile, and API environments. * Protocols and architectures such as HTTP/HTTPS, REST, SOAP, JSON, JWT, OAuth, and multi-factor authentication mechanisms. * Programming and scripting languages such as Python, JavaScript, Bash, PowerShell. * Encryption, authentication, and authorization principles in modern applications. **Skills and Competencies:** * Analytical ability and attention to detail. * Effective communication skills, with the ability to translate technical findings into clear language for non-technical audiences. * Genuine interest in cybersecurity and a commitment to continuous learning. * Collaboration with both technical and non-technical multidisciplinary teams. **Desirable certifications:** Having at least one of the following certifications will be positively valued: * **OSCP** (Offensive Security Certified Professional) * **CEH** (Certified Ethical Hacker) * **GPEN** (GIAC Penetration Tester) * **BurpSuite Certified Practitioner** * Other relevant certifications in pentesting and offensive security. *Hello! Are you ready to join a team passionate about technology and innovation? At BBVA Colombia, we're looking for people like you, eager to start new professional adventures and curious to discover what the future holds within our organization.* *Continuous learning and knowledge sharing are part of our DNA. We are passionate about technology and committed to being key players in global* *#digitaltransformation* *.* *But that's not all—we are a diverse and inclusive team, advancing our equality plan through our @NextTechWoman ambassadors. We are looking for committed individuals who want to become part of our team.* *If you share our passion for technology, continuous learning, and diversity, apply now to see if we're a match! We're excited to meet you and explore how together we can continue driving innovation in Software Engineering and emerging technologies.* *Join us and \#shareyourbrain ! We're waiting for you! Welcome to BBVA Colombia!*