Junior Offensive Security Engineer

�

� Description

• • Be the first line of defense for 4 million customers in 150 countries. As a Junior Offensive Security Engineer at Hostinger you will sit at the intersection of development and security, ensuring every new feature ships with bullet-proof confidence. Your fingerprints will be on every release, every patch, and every security improvement that keeps our clients’ e-shops, blogs, and businesses safe.
• • Own the vulnerability disclosure pipeline end-to-end. You will monitor Hostinger’s Responsible Disclosure inbox and HackerOne program daily, greeting external researchers with prompt, respectful replies. After reproducing each report with Burp Suite, browser dev tools, and your own curiosity, you will triage findings, assign CVSS scores, and escalate high-impact issues to the correct product squad with crystal-clear tickets that engineers love to read.
• • Perform deep-dive manual security testing before any code hits production. Whether it is a new checkout flow, an AI-powered site-builder feature, or a micro-service that scales to millions of requests, you will attack it like a friendly adversary—hunting for XSS, IDOR, auth bypass, SSRF, and business-logic flaws. Your test cases will become templates the entire security team reuses.
• • Build lightweight automation that multiplies your impact. Using Python or Bash you will script repetitive validation tasks, spin up ephemeral test environments, and generate on-demand reports so that no vulnerability slips through the cracks. Over time these tools will evolve into an internal testing framework the whole company relies on.
• • Track, trend, and communicate security metrics that matter. Every month you will compile a concise yet insightful report for leadership: number of valid submissions, mean time-to-triage, top vulnerability categories, and researcher kudos. Your data-driven storytelling will guide roadmap decisions and budget allocations.
• • Collaborate cross-functionally with engineering, product, and customer success teams. You will join sprint plannings, review user stories for security edge-cases, and occasionally pair-program with developers to craft fixes that are elegant and secure by design. Your ability to translate technical risk into business impact will make you a trusted advisor.
• • Champion a culture of continuous learning. Hostinger’s 900-person rocket ship moves fast; you will schedule lunch-and-learns, curate internal wikis, and share war-stories from the latest bug bounty drama. Your curiosity will inspire teammates to think like attackers and build like defenders.
• • Represent Hostinger in the global security community. Whether you are answering questions on HackerOne, presenting at local OWASP meetups, or live-tweeting a clever payload, you will embody our customer-obsessed, transparent ethos and attract top-tier researchers to our program.
• • Leave every system you touch more secure than you found it. From the moment you reproduce your first bug to the day you verify the final fix, your mission is simple: reduce risk, raise the bar, and help anyone—anywhere—succeed online without fear.