Penetration Tester at Luxoft (DXC)

Job Description: AboutDXCBulgaria

We are DXC – a Fortune 500 global IT services leader.

In Bulgaria, we are among the largest IT employers, delivering the full spectrum of the company’s diverse technical portfolio. Our teams work across cutting-edge technologies, contributing to projects that span industries and geographies.

We foster continuous learning and professional growth, offering access to targeted training and certifications aligned with individual interests and career aspirations.

Our culture of collaboration, innovation, and shared values empowers professionals to grow and succeed.

We are now looking for a Penetration Tester to join our team.

Daily challenges

• Perform manual penetration tests against web applications, REST/Graph QL APIs, and microservice architecture.

• Assess cloud environments (AWS, Azure, or GCP) for misconfigurations, identity and privilege escalation paths, and container/Kubernetes weaknesses.

• Participate in internal network, Active Directory, and Entra ID assessments, including red and purple team engagements against mature enterprise environments.

• Conduct source code reviews (typically Python, Java, JavaScript/TypeScript, Go, or C#) to identify logic flaws and insecure patterns.

• Produce clear, actionable reports and deliver findings confidently to both technical teams and executive stakeholders.

e Xperience and skills required

• Fluent English

• 3+ years of professional experience in penetration testing, red teaming, or offensive security consulting.

• Strong hands-on skills in at least two of the following: web/API testing, cloud security, internal/AD assessments, source code review.

• Solid command of Linux, Windows, networking fundamentals, and standard tooling (Burp Suite Pro, Nmap, Bloodhound, etc.).

• Experience with OWASP Top 10, OWASP API Security Top 10, OWASP LLM Top 10.

• Scripting proficiency in Python (or equivalent) to automate tasks and build small tools

• Certificates like OSCP, OSEP, OSWE, CRTO, CRTP, CARTP, GXPN, GPEN, BSCP, HTB CPTS/CBBH or certificates in AI/ML security (any reputable AI red teaming course, SANS SEC545) or demonstrated equivalent experience, would be considered as an advantage.

Company benefits

At DXC Technology, we don’t just offer jobs - we build careers. Here’s what you can look forward to when you join us:

• Enjoy competitive compensation and grow your career in a fast-paced, international environment.

• Benefit from 24 days of paid vacation to rest, explore, and recharge - plus comprehensive medical and life insurance, and monthly food vouchers to support your lifestyle.

• Access premium learning platforms, get company-sponsored certifications, and grow your skills with continuous development opportunities tailored to you.

• Get recognized through our Employee Recognition Program - your contributions deserve the spotlight.

• Refer great talent through our Employee Referral Program and get rewarded for helping shape our future.

• Enjoy discounts and special offers with your employee badge - it pays to be part of the team.

• Access 24/7 support for you and your family, with a wide range of wellbeing resources to help you thrive.

• Join meaningful initiatives that give back to the community and connect you with like-minded colleagues through fun and impactful experiences.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

If you feel comfortable with the above-mentioned requirements, please send us your CV in English.

Please note only shortlisted candidates will be contacted.

DXC Technology stands for equal opportunities, namely, we do not discriminate on the basis of race, religion, color, sex, age, disability, or sexual orientation.  All recruitment decisions are based solely on qualifications, skills, knowledge and experience, and relevant business requirements.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available

[here](https:** //nam12.safelinks.protection.outlook.com/?url=https://careers.dxc.com/global/en%23fraud_warning&data=05%7c01%7cjhanda%40dxc.com%7cdfc9200ee54a4a2cbd1e08dbecc892f9%7c93f33571550f43cfb09fcd331338d086%7c0%7c0%7c638364118427715875%7cUnknown%7cTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7c3000%7c%7c%7c&sdata=s0zVysf9f4QibEs/xNc7yE0vzT4Ae61CRppkSzWUOGw%3D&reserved=0).