Junior Offensive Security Engineer

at Hostinger International
💰 $30k-$43k
🇱🇹 Lithuania - Remote
🔒 Cybersecurity🟢 Entry Level

Job description

Join Hostinger and we’ll grow fast! 🚀

Is there a limit to growth? Not at Hostinger.

We’re constantly reaching new heights. With a team of 900 professionals, we are behind the success of over 4 million clients in 150 countries, helping them launch their e-shops, blogs, portfolios, businesses, and passion projects.

Our mission: To build world-class solutions for anyone to easily succeed online

Our culture: Guided by 10 company principles

Our formula for success: Customer obsession, innovative products, and talented teams.

Your Role at Hostinger

As a Junior Offensive Security Engineer at Hostinger, your primary focus will be on proactively securing our products by contributing to testing new features before they reach production and managing our vulnerability disclosure channels. You’ll act as a critical link between our development and security teams—validating vulnerabilities, triaging external reports, and ensuring issues are remediated effectively and on time.

You’ll also be contributing to the day-to-day operations of Hostinger’s bug bounty program, helping maintain a high standard of collaboration with external researchers while continuously improving our product security posture.

Curious to learn more? Connect with your team: Egidijus Navardauskas, Head of Cyber Security

Your day-to-day

  • Respond to Responsible Disclosure and HackerOne submissions from external researchers.
  • Validate and reproduce vulnerability reports and assess their potential impact.
  • Triage and escalate confirmed issues to internal product teams.
  • Conduct manual security testing of new features prior to release.
  • Maintain monthly reports summarizing submitted vulnerabilities and trends.
  • Test new features and services manually for common vulnerabilities (e.g., XSS, IDOR, auth issues) before deployment.
  • Reproduce and validate vulnerabilities submitted via the HackerOne platform.
  • Assess the severity and exploitability of findings and draft clear escalation tickets for internal teams.
  • Communicate effectively with external researchers, ensuring timely responses and status updates.
  • Work with engineering and product teams to understand features under development and proactively test them for security flaws.
  • Track open vulnerability reports and assist in verifying applied fixes.
  • Develop and maintain lightweight internal tooling or scripts to support testing workflows.
  • Create monthly metrics and insights reports on vulnerability submissions, researcher activity, and triage timelines.
  • Contribute to knowledge sharing by documenting findings, impact, and remediation paths.

Your skills and experience

  • Good understanding of common web vulnerabilities (e.g., OWASP Top 10).
  • 1+ years of experience in security testing, bug bounty, or vulnerability triage roles.
  • Solid ability to manually identify and verify security issues using tools like Burp Suite, browser dev tools, etc.
  • Excellent analytical and critical thinking skills; able to separate noise from high-impact issues.
  • Basic scripting or automation skills (e.g., Python, Bash) to support validation tasks.
  • Good communication skills and an ability to work across security, engineering, and product teams.
  • Familiarity with bug bounty platforms (HackerOne, Bugcrowd) and their workflows.
  • Proficiency with Linux command-line tools.
  • Curious mindset and a strong eagerness to learn and grow in offensive security.
  • Strong written English and clear documentation habits.

Nice to have skills

  • Prior experience as a HackerOne program triager or as a bug bounty researcher.
  • Understanding of CVSS or other risk-rating methodologies.
  • Knowledge of CI/CD pipelines and how new features are released.
  • Understanding of modern authentication mechanisms (OAuth, JWT, SSO) and common pitfalls.
  • Ability to read code or understand source logic at a basic level (e.g., JavaScript, PHP, or Go).
  • Security certifications like eJPT, OSCP (or progress toward one) are a plus, but not required.

Benefits for you

  • 🚀 360 Growth: We provide limitless learning opportunities: access to platforms like Reforge and CoachHub, global conferences, physical and digital libraries, feedback culture, and mentoring through TesoXchange. Advance your career with internal mobility and grow with a team eager to share knowledge and support your success.
  • 🎯 Freedom & responsibility: Work on your terms: from modern offices in Kaunas and Vilnius, the comfort of home, or anywhere in the world. Enjoy flexibility in managing your schedule and bring your ideas to life in a fast-paced, dynamic environment.
  • 💪Wellness simplified: Your health comes first with insurance from Day 1, gym memberships, recharge leave, and regular health checks. Join sports, arts, and hobby clubs or simply enjoy the balance of a lifestyle that prioritizes wellness.
  • 🎉 Work hard - party hard: Recognize hard work with company events like Summerfest & Winterfest, Town Hall, Meet the Client initiatives, team-buildings, and workations. Enjoy access to the Žalgiris Arena VIP Lounge and celebrate life’s big moments with milestone gifts for weddings, new parenthood, and graduations.

Compensation

  • Gross salary 2,300- 3,300 EUR/month, depending on your experience and skills.

Get ready to take your personal and professional growth to new heights! Join Hostinger today and be part of our journey 🚀

Three. Two. Onboard

Share this job:
Please let Hostinger International know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Hostinger International logo

Hostinger International

  • 59 remote jobs

Latest Jobs at Hostinger International

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply