Lead Penetration Tester for a leading IT Company in Sweden
- Posted 28 January 2026
- Location: Malmö
- Discipline: Information Technology & Cybersecurity
- Reference: 58794
- Worldwiders Custom Field: IT
- Department/Role: Senior, Mid
Job description
*Please note that only Swedish-speaking candidates will be considered for the further interview process.
This reputable IT company delivers advanced cybersecurity services to large organizations across Sweden. With a strong focus on quality, structure, and long-term customer relationships, the company supports clients within industry, telecom, finance, and the public sector.
We are looking for a Lead Penetration Tester who wants to shape and develop our penetration testing capability. The role focuses on how we deliver security testing both as project-based engagements and as a continuous service, in close collaboration with our Vulnerability Management team. This is a unique opportunity to define methodology, testing cycles, and quality standards and to make a real impact for some of the most exciting organizations in the Nordics.
About the role
Are you an experienced penetration tester who wants to take the next step into a leading role? Do you enjoy building structure, setting standards, and developing a sustainable pentest function? This could be the opportunity you are looking for.
As Pentest Lead, you will combine technical expertise with leadership responsibilities. Rather than focusing solely on hands-on testing, the role emphasizes structure, methodology, documentation, and customer dialogue within a large-enterprise context.
Responsibilities:
- Lead and perform manual penetration testing of applications, APIs, web, mobile, cloud, and infrastructure (including Active Directory) – from reconnaissance to exploitation and verified remediation.
- Design and own the testing cadence (“test year wheel”): plan and coordinate recurring VM and pentest cycles (monthly/quarterly), including scope, methodology, and reporting formats.
- Focus on application security: support secure SDLC practices, threat modeling, code and design reviews, and advisory work towards development teams.
- OT/ICS (meritorious): contribute to engagements involving industrial or operational technology environments.
- Mentorship and methodology: coach colleagues, quality-assure deliveries, and contribute to playbooks, standards, and tool selection.
- Build trust through communication: present findings and recommendations to both technical and non-technical stakeholders, in Swedish and English.
Requirements
You have several years of experience in penetration testing with a strong emphasis on manual application security testing (OWASP Top 10/ASVS, API security, authentication/authorization, business logic flaws, SSRF, etc.).
- The ability to plan, lead, and quality-assure penetration test engagements end-to-end (scoping, methodology, reporting, remediation verification).
- Experience working closely with Vulnerability Management and translating findings into prioritized backlogs and remediation plans.
- Strong tooling experience (e.g. Burp Suite, Nmap, Responder, BloodHound, Metasploit, directory busting, proxying) and scripting skills (e.g. Python, PowerShell, Bash).
- Cloud security knowledge in at least one of AWS, Azure, or GCP, and a basic understanding of containers and Kubernetes.
- Fluency in both Swedish and English (required).
- Swedish citizenship.
Meritorious experience
- OT/ICS security testing and understanding of industrial environments and protocols.
- Red team / purple team activities, threat actor emulation, and controlled social engineering engagements.
- DevSecOps experience (CI/CD-integrated security testing such as SAST, DAST, IAST) and secure code reviews.
- Certifications such as OSCP, OSWE, OSEP, GXPN, GPEN, CREST, or similar.
As a person you are:
- Structured, methodical, and comfortable setting direction for others
- Confident in customer-facing situations and able to explain complex findings clearly
- Curious, creative, and willing to challenge existing approaches
- Comfortable working in regulated environments and security-classified contexts
Benefits:
- Growth-oriented work environment with mentorship and professional development opportunities
- Comprehensive health benefits including sports compensation, dental and vision coverage, healthy office snacks, sick leave compensation from the first day of absence, and company-covered doctor visits
- Hybrid work model
- Professional growth, meaningful projects, an open and inclusive culture, and an excellent work–life balance.
About Us
Worldwiders is a global B2B recruitment company specializing in executive search and specialist recruitment, connecting top talent with prestigious opportunities worldwide. With over 5,000 successful placements and 400+ partners across 40+ countries, we provide tailor-made recruitment solutions that drive both career growth and organizational success.