امکان جدید:
همین حالا رزومه خود را در کمتر از ۱۰ دقیقه بسازید، برو به رزومه‌ساز

Jobinja | جابینجا | استخدام، آگهی استخدام، کاریابی، استخدامی جدید، بازار کار، نیازمندیها، ساخت رزومه رایگان، کار و استخدام دولتی، اشتغال، جستجوگر حرفه ای استخدام و شغل
ورود کارجو ثبت‌نام کارجو
۱

اسنپ | Snapp

تاسیس در ۱۳۹۳ کامپیوتر، فناوری اطلاعات و اینترنت بیش از ۱۰۰۰ نفر snapp.ir

استخدام Penetration Testing Engineer

  • دسته‌بندی شغلی

    IT / DevOps / Server

  • موقعیت مکانی

    تهران ، تهران

  • نوع همکاری

    تمام وقت

  • حداقل سابقه کار

    سه تا شش سال

  • حقوق

    توافقی

شرح موقعیت شغلی

Job description

  • Performs threat modeling to identify all possible attack vectors 
  • Conduct vulnerability assessment and penetration testing against a wide array of technologies and platforms including )(Network, Infrastructure, WEB Applications, Mobile apps including IOS and Android and API
  • Select the appropriate technical tests, network or vulnerability scan tools and/or pen testing tools based on review of requirements and purpose 
  • Conduct relevant research, data analysis, and create reports 
  • Contribute to predictive analysis of malicious activity 
  •  Understand, review, and interpret vulnerability assessment and scannin results, reduce false positive findings, and act as security advisor to business unit partners 
  •  Track public and privately released vulnerabilities and assists in the triage process 
  • Perform black box and gray box testing, source code analysis, manual pen testing, and vulnerability assessments 
  • Perform hands on technical validation of vulnerability to determine risk to different configurations and priorities for remediation 
  •  Communicate current cybersecurity threats and educate stakeholders on risks and recommendations 
  •  Simulate cyberattacks to identify vulnerabilities 
  •  Participate in team problem solving efforts and offer ideas to solve the issues 
  •  Performs static source code vulnerability analysis 
  •  Work with external pen testers to continually improve security on the platform 
  •  Responsible for writing and reviewing formal penetration test reports documenting the details of a penetration test and all vulnerabilities, potential issues, and strengths found during the test

 

General qualifications

  • 3+ years of operational experience in Information Technology & InformationSecurity. 
  • Good written and verbal communication skills in English 
  • University Degree in Computer Science, Computer Engineering or other relevant field. 
  • Certifications such as CEH, Security+, ISO 27K, SANS would be considered as an asset. 
  • Good interpersonal communication and presentation skills. 
  •  Ability to be a team player. 
  •  Ability to work effectively in multiple cultures and at a range of levels. 
  •  Ability to constantly build up skillset using a mix of self-motivated and course based learning environment. 
  • Ability to work independently, proactively to see the big picture and work through solutions as needed. 
  • Good knowledge of Windows, Linux, data bases (MySQL, no-SQL), antimalware,IDS and other security technologies. 
  • Basic understanding of virtualization and software-defined data center concepts. 
  • Knowledge of OSI reference model and networking fundamentals (switching,routing, load-balancing, firewalling). 
  •  Understanding of commonly used Internet protocols such as SMTP, HTTP, and DNS. 
  • Basic understanding of cryptographic functionality within such protocols would be of advantage. 
  • Familiar with Security Regulations and Standards. 

 

Technical qualifications

  • Experience with API testing and Mobile Application testing 
  •  Hands-on experience with two or more scripting languages such as Python,Powershell, Bash, or Ruby 
  •  Familiarity with penetration testing tools and tool suites such as Burp Suite, OWASP ZAP, Kali Linux, etc 
  • Proficiency or experience in any one of the following tools would be anadded advantage including Zed Attack Proxy, Micro Focus, Kiuwan, QARK,Android Debug Bridge, CodifiedSecurity, Drozer, WhiteHat Security 
  • Ability to demonstrate clear understanding of following vulnerabilities including SQL Injections, Cross Site Scripting (XSS), Broken Authentication & Session Management, Insecure Direct Object References, Security Misconfiguration, Cross-Site Request Forgery (CSRF), Participate in code audit/review 
  •  An aptitude for technical writing, including assessment reports and presentations  
  • Strong understanding of penetration testing frameworks 
  •  Advanced knowledge of mobile application testing techniques, software protocols and the ability to bypass common mobile application security controls 
  •  Understanding of offensive security, including offensive evasion techniques 
  •  General knowledge of web applications, databases, mobile, and cloud applications 
  •  Strong knowledge of Open Web Application Security Project (OWASP) (WEB and Mobile) 
  •  Ability to think outside the box and emulate adversarial approaches

معرفی شرکت

اسنپ محصولی ایرانی است که از تیمی خلاق، جوان و تحصیل‌کرده قدرت می‌گیرد و در تلاش است تا صنعت فناوری اطلاعات و ارتباطات را به زندگی روزمره جامعه پیوند بزند.
اهداف بزرگی در سر داریم و بلند پروازیم. قصد داریم اسنپ را به بهترین راهکار برای سفرهای درون‌شهری ایران تبدیل کنیم و در این راه به کمک افراد خلاق، سخت‌کوش و بلندپرواز احتیاج داریم. اگر چنین خصوصیاتی دارید خوشحال می‌شویم که رزومه خود را برای‌مان ارسال کنید.

  • مهارت‌های مورد نیاز

    Linux Databases MySQL NoSQL

  • جنسیت

    مهم نیست

  • وضعیت نظام وظیفه

    معافیت تحصیلی معافیت دائم پایان خدمت

  • رشته‌های تحصیلی مرتبط

    ICT (فناوری اطلاعات و ارتباطات) IT (فناوری اطلاعات) کامپیوتر مهندسی تکنولوژی نرم افزار کامپیوتر مهندسی کامپیوتر

  • حداقل مدرک تحصیلی

    کارشناسی
این آگهی منقضی شده است

مشاغل مشابه
اطلاع‌رسانی از طریق ایمیل

آگهی منقضی شده است