What we’re looking forMore Job Searches

Penetration Tester

Description

Penetration Tester

Lovable

Stockholm, Sweden

We're looking for a Penetration Tester who lives to break things, ethically. You'll push Lovable's platform to its limits, hunt vulnerabilities across our AI pipelines and user-generated code, and make sure attackers never get there before you do.

What we’re looking for

  • 5+ years of hands-on penetration testing experience across web, mobile, APIs, and cloud infrastructure;
  • Deep expertise in offensive security techniques: OWASP, MITRE ATT&CK, exploit development, privilege escalation, and lateral movement;
  • Experience attacking AI-native products or LLM-integrated systems, including prompt injection, model abuse, and data exfiltration vectors;
  • Strong understanding of cloud environments (GCP, AWS, ) and the attack surfaces they introduce;
  • Ability to translate complex findings into clear, prioritised reports that engineering teams can act on immediately;
  • Low ego, high output. You collaborate as naturally as you compete against systems;
  • Bonus: experience with red team operations, supply chain attacks, or mobile security (iOS/Android). Familiarity with SAST/DAST tooling. Background in security research or CVE disclosure.

What you’ll do

  • Own offensive security end-to-end: plan and execute penetration tests across Lovable's web platform, mobile surface, APIs, cloud infrastructure, and AI pipelines;
  • Break our AI before others do: probe LLM integrations for prompt injection, jailbreaks, data leakage, and novel attack vectors unique to AI-generated code running in live products;
  • Stress-test user-generated code at scale: identify systemic vulnerabilities introduced when millions of users create and deploy real applications on Lovable;
  • Turn findings into action: work directly with engineering to prioritise, remediate, and verify fixes, closing the loop between discovery and resolution;
  • Raise the security bar org-wide: run internal red team exercises, contribute to threat modelling, and embed an attacker's mindset across the engineering culture;
  • Help make Lovable the most secure AI product in the market.

Our Tech Stack

  • Frontend: React and TypeScript;
  • Backend: Golang and Rust;
  • Cloud:, GCP, AWS, Modal, multiple LLM providers;
  • DevOps & Tooling: GitHub Actions, Grafana, OTEL, infra-as-code (Terraform);
  • Data: Clickhouse, Firestore, Spanner, BigQuery.

And we're always exploring what's next!

Don't forget to mention EuroTechJobs when applying.

Skills

AndroidPenetration TestingDevOpsGithub ActionsGitHubRustSecurityLLMGoBigqueryGitHub ActionsiOSTerraformOWASPAWSReactGCPCloudflareTypeScriptAIBigQueryGrafanaFirestore

Want AI to find more roles like this?

Upload your CV once. Get matched to relevant assignments automatically.

Try personalized matching