Monday, December 24, 2018

Job: Web Application Penetration Tester at CyberSec LLC Company

Location: Yerevan, Armenia

Category:

Type: Full-time

Deadline: 23-Jan-19 12:00:00 AM

Salary: Fixed salary plus bonuses

Description
CyberSec LLC is looking for a Web Application Penetration Tester to join its team.

Responsibilities
- Work with clients to determine their requirements from the test, for example the number and type of applications they would like to test;
- Advise on methods to fix or lower security risks to systems;
- Consider the impact own 'attack' will have on the business and its users;
- Create reports and recommendations from own findings;
- Present own findings, risks and conclusions to both technical and non-technical audiences;
- Understand how the flaws that are identified could affect a business, or business function, if they're not fixed.

RequiredQualifications
- Bachelor's degree in Information Technology or a related field of study or equivalent experience;
- At least 3 years of professional work experience in a related field;
- Bug Bounty participation (Hackerone, Bugcrowd, Synack, Cobalt);
- Participation in Capture the Flag (CTF) Competitions;
- Speaker experience at International Cyber Security Conferences (Black Hat, DefCon, Bsides, PHDays, ZeroNights);
- Deep understanding of web application attacks, including SQL Injection, XSS, CSRF, XXE, RCE, SSRF, IDOR and other common security issues beyond the OWASP Top 10;
- Experience with testing tools, including Kali Linux, Metasploit, Burp Suite, Dominator;
- Experience scripting in Python, PHP, Ruby, Bash, and Java;
- Experience in configuring Web Servers Like Apache, Nginx, and IIS;
- Experience in finding vulnerabilities in source code, both manually and automatic;
- Basic knowledge of JavaScript and SQL;
- Excellent knowledge of Armenian, Russian and English languages, both oral and written.

Desired Certifications:
- GIAC Penetration Tester (GPEN);
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN);
- Offensive Security Certified Professional (OSCP);
- Certified Ethical Hacker (CEH);
- Licensed Penetration Tester (LPT);
- Mobile and Web Application Penetration Tester (CMWAPT).

Benefits

Job URL: iJob.am - Web Application Penetration Tester @ CyberSec LLC

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)