cross

Senior Penetration Tester

Číslo ponuky 78556

Lokalita: Slovak Republic, Czech Republic

Typ: full-time

Sektor: IT a Telekomunikácie

Úroveň pozície: Specialist

Plat: 4000 EUR Gross.

Kontaktná osoba:

Damir Sabljak
420601160543
sabljak@sandyou.cz

Popis

We are looking for a highly driven, motivated, creative, reliable, diligent, detail-oriented, and clever Senior Penetration Tester to conduct penetration tests across many platforms, including social engineering and wireless testing. This is an exciting opportunity to support and enable organizations worldwide to prepare for and combat cyber-attacks.

Resonsabilities:

  • Perform vulnerability scan, assessment and penetration testing on a variety of web and mobile applications, external and internal networks and Active Directory and cloud environments.
  • Be a part of the Offensive Security team that is working on phishing campaigns, red teaming engagements.
  • Be aware of new attack vectors and work proactively to mitigate them.
  • Exploit new vulnerabilities. (editing publicly available exploits)
  • Collaborate with other penetration testers and offensive security team members.
  • Assist in educating clients on exploited vulnerabilities and remediation strategies to protect against future exploits or attacks.
  • Research and learn new concepts, methodologies and tools, investigate new threats.
  • Creating case studies based on your latest security research.

 

Benefity

  • Generous PTO
  • Paid cyber education courses and certifications
  • Paid Company Holidays
  • Paid Sick Time
  • Gym membership reimbursement
  • Company phone
  • Numerous company-sponsored events and team building.

 

Požiadavky

  • Approximately 4 years of related work experience in the fields of computer science, information systems, engineering, or a related degree preferred.
  • Experience in one or more of the following areas: attack and penetration testing; security testing of web and mobile-based applications; application security source code assessments.
  • Strong Unix, NT, networking and wireless security skills and a deep understanding of TCP/IP networking.
  • Strong technical skills related to a broad range of operating systems and databases; experience with programming in a mainstream language such as Java, C, C++, C#, ASP, and .NET., Python, or similar language.
  • Manual penetration testing experience above and beyond running automated tools is required, understanding of OWASP testing guides and MITRE ATT&CK.
  • Experience developing custom scripts or programs (e.g. vulnerability identification ) as well as application development is a plus.
  • Excellent presentation, and client service with advanced written and verbal communication and presentation skills.
  • Able to work collaboratively in a team environment.
  • One security-related certification such as the OSCP, GXPN, OSCE, CRTE or other relevant certification desired; non-certified hires are required to become certified within 1 year from the date of hire.
  • History of published security research, assigned CVE vulnerabilities, history of successful bug bounty and CTFs are a plus.

 

O firme

A global leader in Incident Response, Digital Forensics, Penetration Testing, Ransomware Mitigation, and Cyber Resiliency Services. The company experience spans decades working on high profile cases in coordination with Law Enforcement Agencies around the world.

Their best-in-class methodology builds on experience working with US Intelligence Agencies, US Secret Service, FBI, DHS, Interpol, Europol and NATO.

The company experts have been recognized with numerous awards, including being the winning team of Locked Shields, the world’s largest and most advanced international live-fire cyber defence exercise organized by NATO CCD COE in 2016.