As an integral member of our team, you will assess systems and networks, identifying any deviations from standard configurations. You'll collaborate with colleagues who are committed to excellence, enabling you to fulfill the following responsibilities:
Work with the team to assess systems and networks within the network environment.
Identify deviations in systems/networks from acceptable configurations and policies.
Contribute to the management of the security configuration program.
Evaluate the effectiveness of defense-in-depth architecture against known vulnerabilities.
Qualifications
Minimum Required Experience:
Experience in identifying OWASP Top 10 vulnerabilities through Penetration Testing and Source Code Reviews.
Strong communication skills, both written and verbal, with a focus on clear documentation.
Knowledge of asset confidentiality, integrity, and availability requirements, and the ability to assess the impact and likelihood of identified vulnerabilities.
Hands-on experience with White & Black Box Pen Testing in the following areas:
Web Applications
Mobile Applications
Network Environments
Java Applications
ASP. Net Applications.
PHP Applications
Desired Experience:
Ability to correlate between confidentiality, integrity, and availability of assets.
Ability to develop programs in interpreted languages such as Python and Go.
Familiarity with code review tools such as SonarQube and Semgrep.
Experience with DevOps and CI/CD processes.
Application Penetration Testing experience in Cloud environments.
معرفی شرکت
ما در دیجیکالا به عنوان شرکتی که در حوزه تجارت الکترونیک فعالیت میکنه، به دنبال تحقق رویای «لبخندی برای همه ایران» هستیم. در همین راستا، با بهرهگیری از فناوریهای روز دنیا و توسعه مداوم سرویسهای مبتنی بر تکنولوژی، ارزشهای خودمون رو در مشتریمحوری، اشتیاق برای تعالی، کارگروهی و نتیجهگرایی دنبال میکنیم.
در گروه دیجیکالا امکانی فراهم شده تا ما با افراد با تخصصهای متنوع در یک مجموعه فعالیت کنیم. علاوه بر این، با توجه به سرعت رشد بالا در دیجیکالا، امکان رشد و توسعه رو در مواجهه با چالشها و استفاده از برنامههای توسعه و آموزش متنوع داریم.