Who we are
NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team.
What you’ll be doing
Conduct security assessments for web apps, APIs, and mobile apps under limited supervision.Perform OWASP Top 10 and advanced penetration testing (authenticated/unauthenticated).Assess API security (REST, GraphQL, SOAP) and test auth, session management, and access controls.Identify business logic flaws and exploit vulnerabilities.Perform manual/automated secure code reviews across multiple languages.Identify vulnerabilities (injection, XSS, insecure dependencies) and review architecture for weaknesses.Analyze third-party libraries, cryptographic implementations, and secure data handling.Provide actionable remediation guidance and secure coding recommendations.Assess iOS/Android apps, including reverse engineering and binary analysis.Test data storage, transmission, backend APIs, and mobile authentication mechanisms.Evaluate permissions, intents, IPC, and mobile-specific vulnerabilities (e.g., insecure storage).Integrate security testing into CI/CD pipelines and DevOps workflows.Configure and optimize SAST, DAST, and SCA tools; develop automation scripts.Implement security gates, reusable test cases, and support shift-left security initiatives.Analyze findings, determine risk severity, and produce detailed reports with remediation guidance.Validate fixes post-remediation, track findings to closure, and maintain vulnerability metrics.Present results to development teams and management.Review application designs for weaknesses against OWASP ASVS and security standards.Evaluate authentication/authorization models, data flows, and threat models.Support secure design workshops and threat modeling sessions.
What you'll bring along
Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related fieldMinimum 5–10 years of experience in cybersecurity or IT security roles.Strong knowledge of OWASP Top 10, OWASP ASVS, and web application security principlesSolid experience with web application penetration testing tools and methodologiesProficiency in identifying and exploiting common application vulnerabilitiesUnderstanding of API security testing for REST, GraphQL, SOAP, and microservicesKnowledge of mobile application security testing for iOS and Android platformsProgramming languages: Java, .NET (C#), Python, JavaScript, TypeScript, PHPWeb frameworks: Spring, Django, Flask, Express.js, React, Angular, Vue.jsMobile development: Swift, Kotlin, React Native, Flutter basicsScripting: Python, Bash, PowerShell for security automationDatabase security: SQL injection, NoSQL security, ORM security issuesWeb testing: Burp Suite Professional, OWASP ZAP, Postman, SQLMapCode analysis: SonarQube, Checkmarx, Fortify, Veracode, SemgrepMobile testing: MobSF, Frida, Objection, APKTool, iOS security toolsDependency scanning: OWASP Dependency-Check, Snyk, WhiteSourceAutomation: Selenium, Jenkins, GitLab CI/CD, custom Python scriptsDeep understanding of OWASP Testing Guide and Application Security Verification StandardKnowledge of PCI DSS application security requirementsFamiliarity with secure SDLC practices and DevSecOps principlesUnderstanding of threat modeling methodologies (STRIDE, PASTA, LINDDUN)Awareness of privacy-by-design and secure coding standardsClear technical communication with developers and non-technical stakeholdersAbility to explain complex vulnerabilities and provide practical remediation guidanceCollaboration skills for working with development, DevOps, and product teamsAnalytical thinking and creative approach to finding security weaknessesPatience and persistence in thorough security testing activitiesOSCP (Offensive Security Certified Professional) or CEH (Certified Ethical Hacker) - MandatoryGWAPT (GIAC Web Application Penetration Tester) or equivalent web app security cert - PreferredBurp Suite Certified Practitioner Programming or development certification Excellent command of both spoken and written English. Document .style{ width:930px;padding:15px;}.font-text{ font-family: customfaa3f6eee6874329a13ae; font-size: 16px; font-type:ttf; font-style: Medium;}
What’s in it for you
✔ New beginnings can be a challenge. We promise a smooth integration and a supportive mentor
✔ Pick your working style: choose from Remote, Hybrid or Office work opportunities
✔ Early bird or night owl? Our projects have different working hours to suit your needs
✔ Nobody is born an expert. Sharpen your tech skills with our sponsored certifications, trainings and top e-learning platforms
✔ We want you to stay healthy! Enjoy our Private Health Insurance – it’s custom-made for you
✔ A clear mind is a healthy mind. Attend individual coaching sessions or go one step further by joining our accredited Coaching School
✔ Make the most of our epic parties or themed events – they’re lovingly designed for our people and their families
NTT DATA Romania is an equal opportunity employer and considers all applicants regardless to race, color, religion, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic protected by law. We are committed to creating a diverse and inclusive environment for all employees.
Not the job for you? Perhaps you have a friend who would be a perfect fit. Send them this link!
What’s in it for you
\tNew beginnings can be a challenge. We promise a smooth integration and a supportive mentor\tPick your working style: choose from Remote, Hybrid or Office work opportunities\tEarly bird or night owl? Our projects have different working hours to suit your needs\tNobody is born an expert. Sharpen your tech skills with our sponsored certifications, trainings and top e-learning platforms\tWe want you to stay healthy! Enjoy our Private Health Insurance – it’s custom-made for you\tA clear mind is a healthy mind. Attend individual coaching sessions or go one step further by joining our accredited Coaching School\tMake the most of our epic parties or themed events – they’re lovingly designed for our people and their families
Your unique talent is what matters. NTT DATA Romania is an equal opportunity employer and considers all applicants regardless to race, color, religion, citizenship, national origin, ethnicity, age, gender, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic.
Document .style{ width:930px;padding:15px;}.font-text{ font-family: customfaa3f6eee6874329a13ae; font-size: 16px; font-type:ttf; font-style: Medium;}
Third parties fraudulently posing as NTT DATA recruiters
NTT DATA recruiters will never ask job seekers and candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties that may try to impersonate NTT DATA recruiters, either in writing or by phone, in an attempt to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will be associated with an @nttdata.com email address. NTT DATA will not use any non-NTT DATA or personal email domains (Gmail, Yahoo, etc.) or personal communication channels (WhatsApp, Facebook etc) at any time during the recruitment process. If you suspect any fraudulent activity, please contact us.#LI-AR2