You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Grzegorz TworekGT

Grzegorz Tworek

Sr. Lead Penetration tester | OSCP | OSWA | SRT

€215/day
Krakow, PL
8-15 years
Cybersecurity
Mobile application
Web Application
Penetration Testing
network infrastructure

Average response time: 1 hour

About Grzegorz

I am a freelance penetration tester with extensive experience in offensive security across web, mobile, APIs, networks, and cloud infrastructures. I hold OSCP and OSWA certifications, am a Synack alumnus, and have hands-on experience with CVEs discovery and responsible disclosure, including CVE-2022-1438 (XSS in Red Hat Single Sign-On).

As a freelancer, I focus on ad-hoc engagements, helping organizations identify and remediate vulnerabilities in public and private applications and hybrid infrastructures. My work includes vulnerability assessments, manual exploitation, threat modeling, and delivering actionable findings to technical teams and executives.

In my current role, I lead offensive-security programs, conduct penetration tests, orchestrate multi-vector simulations, mentor the Red Team, and translate technical findings into risk-informed, business-relevant guidance. Previously, I worked with Red Team as a cybersecurity researcher, performing bug bounty and patch verification.

I am currently exploring freelance opportunities.

  • Polish

    Native or bilingual

  • English

    Fluent

  • Ukrainian

    Conversational

Remote only
Primarily works remotely

Experience

  • SISOFT Sp. z o.o.
    Head of Red Team
    January 2023 - Today (3 years and 5 months)
    • Lead offensive-security programs (apps, infra, cloud)
    • Orchestrate multi-vector simulations (tech + social + physical)
    • Translate findings into risk/ROI and exec-level actions
    • Build and mentor the team; enforce QA & reporting standards
    • Evolve methods/automation; align with GRC & presales
    Infrastructure pentest Cybersecurity Security Assessments Mobile application Web Application
  • Synack Inc.
    Cybersecurity Researcher
    June 2023 - December 2025 (2 years and 6 months)
    • Verification of patch implememtations
    • Bounty hunting vulnerabiities across multiple different systems.
    Penetration Testing Infrastructure pentest Cybersecurity Web Application
  • SISOFT Sp. z o.o.
    Penetration Tester
    March 2021 - December 2022 (1 year and 9 months)
    • Test web/mobile, APIs, networks, wireless
    • Deliver concise, prioritized reports with quick wins
    • Run red-team and social-engineering exercises
    • Provide evidence for audits; verify fixes
    • Create scripts/checklists to standardize delivery
    Penetration Testing Mobile application Web Application Infrastructure pentest Security Assessments
Check out Grzegorz's experience

Recommendations

Be the first to recommend Grzegorz

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Applied Computer Science
    University Pedagogical University of Cracow
    Applied Computer Science

Certifications

Grzegorz's certifications are only visible to Malt Community members

Skill set

PenTest
Security Assessments
Infrastructure pentest
Kali Linux
Hacker
Ethical hacker
pentester
cybersec
apps pentesting
application penetration testing

Categories