At mgm, we have been developing secure web applications for the commerce, insurance and public sector for over two decades and rely on model-driven software development with our enterprise low code platform A12. Our more than 850 colleagues at 19 international locations are united by a passion for digitalisation. Our projects are wide-ranging:

  • We develop international online shops, digital marketplaces and operate in the e-food sector.
  • Thanks to our solutions, commercial and industrial insurers are able to digitize their product portfolio and conduct business online with partners and customers.
  • And in the public sector? As a fundamental partner of various customers in the public sector, we help to digitalise public processes and to advance the implementation of the Online Access Act.

In doing so, we develop web applications that meet the requirements for security, performance and a high number of users and deal with trend topics such as app development, chatbots and the use of blockchain.

You want to be part of our new mgm office in Porto? We are looking forward to you becoming part of our team as a

Senior Application Security Penetration Tester (m/f/d)

We offer you the unique opportunity to be part of the development of our branch from the very beginning and to leave your mark on the further development.

Your Tasks

You will analyze the security of (web) applications, mobile apps, web services, rich clients and much more - primarily using the means of web application security penetration testing:

  • Manual vulnerability analysis using our sophisticated toolset
  • Further development of testing methods for new attack vectors
  • Collaboration with the client's application developers and security managers
  • Conducting vulnerability remediation workshops
    If you are interested, you can also work in the area of static code analysis.
    A special highlight is our tool Limeviper, which greatly simplifies report generation

Your Profile

You have a solid background in all areas of application security and extensive experience in pentesting web applications. Your skillset includes:

  • Very good knowledge of burp and/or ZAP
  • Experience in handling and applying testing and security guides, e.g. OWASP
  • Confident English, both written and spoken

You have creativity, quality awareness and enjoy sharing your experience and knowledge. You are used to representing your results and acting on your own responsibility.

We Offer

  • Unique opportunity to make an impact in the early phase of building up a new mgm location
  • We will be working in a coworking space in the beginning, but having the goal to move later to our own office
  • Friendly and flat organization
  • Access to internal and external trainings and our eLearning platform with internal content
  • Flexible working hours and not office-bound mobile work arrangement
  • 25 days of vacation (and 1 extra day per year in the company, with a cap on 30 days)
  • Competitive salary with an annual review
  • German course paid by mgm
  • Summer and Christmas parties, team events and onboarding events


We look forward to receiving your application

Do you have any questions or need more information? Do not hesitate to contact our recruiting team! We are happy to answer all of your questions about mgm and our mgm und recruiting process. Give us a call at +49 89 358 680-918 or write an e-mail to:

Small note to personnel service providers: We do not use external support and therefore kindly ask you to refrain from contact requests.

Share job: