Security Tester / Penetration Tester (MVP Platform)
Description
We are seeking a practical, detail-oriented security tester to conduct a structured penetration testing and security assessment of our early-stage platform.
This is an MVP and early-access engagement, not a formal certification audit. The goal is to identify and remediate material security risks using recognised methodologies and free/open-source tools, ahead of broader public and enterprise pilots.
This role is ideal for an experienced independent tester who understands startup constraints and can deliver real security value without unnecessary overhead.
Scope of Work
The engagement includes security testing of:
• Application-related infrastructure exposure
Out of scope: • Third-party services • Denial-of-service testing • Formal certification (ISO, SOC, etc.)
Required Standards and Approach
Testing must align with: • OWASP Top 10 (Web Application)
Manual testing and validation are required. Automated scanning alone is not sufficient.
Tools (Free / Open Source)
You are expected to use some or all of the following:
• Snyk (free tier) or Trivy
You may propose additional free tools where appropriate.
Deliverables
You must provide a written security assessment report that includes:
• Findings with severity ratings (Critical, High, Medium, Low) • Tool-generated reports (where applicable) • Clear statement that this is a non-certified assessment
Clear, professional documentation is essential.
Budget: GBP 88 (Fixed Price)
Proposals: 12 freelancers have applied