Penetration Tester

Terra Security is on track to become the next breakout cybersecurity company. As the winner of the 2025 AWS + CrowdStrike + NVIDIA Cybersecurity Startup Accelerator, Terra has earned recognition from some of the most influential names in modern security. The company has raised $38 million to date, including a $30 million Series A led by Felicis Ventures with participation from Dell Technologies Capital, Silicon Valley CISO Investments (SVCI), SYN Ventures, LAMA Partners, Underscore VC, and Capital One Ventures.

Terra’s platform is powered by a swarm of fine-tuned AI agents with human-in-the-loop oversight, delivering unmatched efficiency, accuracy, and continuous attack surface coverage. It runs thousands of best-in-class tests and crafts tailored, exploit-driven assessments based on each organization's unique business logic and risk profile.

Summary 

As a Penetration Tester, you will be a founding member of our new European penetration testing team. You will work at the intersection of traditional ethical hacking and cutting-edge AI, providing the "human-in-the-loop" expertise that ensures our autonomous agents remain accurate, creative, and devastatingly effective. This is an opportunity to move beyond standard "checkbox" pentesting and into the future of automated, exploit-driven security.

What You’ll Do

• Perform deep-dive penetration tests on Web Applications and APIs, identifying complex vulnerabilities that automated tools often miss.
• Work alongside our AI agent swarm, providing manual verification, oversight, and creative exploitation logic to enhance the platform’s performance.
• Research and develop new exploitation techniques to keep our platform ahead of emerging threats and unique business logic risks.
• Translate technical vulnerabilities into clear, high-quality security reports that provide actionable remediation guidance for our customers.
• Contribute to the methodologies and workflows of our growing European hub, collaborating with global teams to maintain a "best-in-class" testing standard.

Requirements

• 3+ years of hands-on experience specifically in Web Application and API Penetration Testing.
• A strong understanding of common attack methodologies, exploitation techniques, and the OWASP Top 10.
• Proficiency with networking protocols (TCP/HTTP) and a solid grasp of client-side and server-side languages.
• Practical expertise with Burp Suite, Caido, and other industry-standard security testing utilities.
• The ability to write clear, professional security reports that balance technical depth with remediation clarity.
• High-level English proficiency (fluent in reading, writing, and speaking).

Advantage

• Experience with Python, Go, or Bash to automate repetitive testing tasks.
• Holdings such as OSCP, OSWA, OSWE, or equivalent.
• Familiarity with testing in AWS, Azure, or GCP environments.
• Interest in or experience with using AI/LLMs to enhance security workflows.