Cyber Security Engineer/Penetration Tester (Remote, Full-time)

14 февраля 2020    30

— At least 3 years of practical proven experience in penetration testing
— Ability to perform evaluation of Web application requirements, processes, technologies
— Experience in security testing of Web applications based on different technologies (nginx, IIS/, javascript)
— Experience in security testing of Web Services (SOAP, RESTful)
— Experience in different vulnerability scanners (OWASP ZAP, burp, MobSF, sonarqube etc.)
— Understanding of Web security testing process (e.g. OWASP Testing Framework, OWASP Serverless, OWASP API)
— Ability to develop custom scripts needed for specific assessment purposes (Python, bash, PowerShell, JavaScript)
— Ability to resolve technical problems when required
— Ability to explain assessment results to technical and non-technical personnel

Nice to have:
— Certification in security field
— Understanding of and practical experience in security audit process, meeting fintech security compliance requirements (PCI DSS)
— Experience in different exploitation tools and frameworks (metasploit, beef, sqlmap etc)
— Previous experience as a software engineer or knowledge of software development methodologies is desired, but not mandatory
— Experience in security testing of network infrastructure
— Experience in development of security-related documentation
— Experience in AWS-services and AWS-serverless

— ​​Work from anywhere in the world!
— Competitive salary.
— Compensation vacation (15 days off in a year).
— Global corporate events for all employees.
— Internet compensation (50$ per month).
— Relocation to Montenegro.

— Conduct vulnerability assessments and penetration testing
— Demonstrate considerable knowledge of planning and estimating specific to security assessment activities
— Collaborate with technical and management personnel across the full security assessment life cycle
— Utilize problem-solving skills, especially within troubleshooting complex issues while identifying options and/or alternatives
— Document all disclosed issues using different reporting formats (e.g. available for distribution to different concerned parties: business, technicians, clients)
— Provide remediation suggestions to correct disclosed issues
— Collaborate with personnel responsible for writing and presenting proposals to prospective clients
— Manage and contribute to planning, coordination and successful completion of security engagements

Подписывайтесь на наш телеграм-канал @remotelist, чтобы всегда быть в курсе новых вакансий! Дайджесты с новыми вакансиями появляются каждые 2-3 часа.

Еженедельная рассылка топ-15 самых просматриваемых вакансий сайта. Письмо приходит каждое воскресенье.