You will join a growing team responsible for building a secure infrastructure that supports technical teams as well as product teams. With your background in security, you will conduct formal penetration tests, both automated and manual, using approved standard methodologies to identify and exploit vulnerabilities in networks, systems and applications; assess security controls for large enterprise systems, applications, and hosting infrastructure; and document the technical and logical security findings identified during the security assessments and report them in a timely manner.
Responsibilities:
Conduct vulnerability assessment and penetration testing against a wide array of technologies and platforms, including network, infrastructure, web applications, mobile apps (iOS and Android), and APIs.
Select the appropriate technical tests, network or vulnerability scan tools and/or pen testing tools based on review of requirements and purpose.
Conduct relevant research, data analysis, and create reports.
Contribute to predictive analysis of malicious activity.
Understand, review, and interpret vulnerability assessment and scanning results, reduce false positive findings, and act as security advisor to business unit partners.
Track publicly and privately released vulnerabilities and assist in the triage process.
Perform black box and gray box testing, source code analysis, manual pen testing, and vulnerability assessments.
Perform hands-on technical validation of vulnerabilities to determine risk to different configurations and priorities for remediation.
Communicate current cybersecurity threats and educate stakeholders on risks and recommendations.
Simulate cyberattacks to identify vulnerabilities.
Strong knowledge of malware analysis and the ability to conduct detailed analysis of various security-related events like Phishing, Spoofing, DoS-DDoS, SQL Injection, Ransomware etc.
Demonstrated knowledge of Active Directory concepts. Proficiency in system architecture and internals (Windows or Unix).
Participate in team problem solving efforts and offer ideas to solve the issues.
Perform threat modeling to identify all possible attack vectors.
Responsible for writing and reviewing formal penetration test reports documenting the details of a penetration test and all vulnerabilities, potential issues, and strengths found during the test.
Requirements:
University Degree in Computer Science, Computer Engineering or another relevant field.
Minimum proven experience in Red Teaming: 2 to 4 years.
Experience in developing exploits for identified vulnerabilities associated with most common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), network security services (PKI, HTTPS, etc.) and some social engineering.
Experience with API testing and Mobile Application testing.
Familiarity with penetration testing tools and tool suites such as Burp Suite, OWASP ZAP, Kali Linux, etc.
Ability to demonstrate a clear understanding of OWASP Top 10 vulnerabilities.
An aptitude for technical writing, including assessment reports and presentations.
Strong understanding of penetration testing frameworks.
Understanding of offensive security, including offensive evasion techniques.
Basic knowledge of the most common Cloud Security vulnerabilities and their best practices.
Hands-on experience with two or more scripting languages such as Python, PowerShell, Bash, or Ruby.
About the company
Snappfood is the largest online food ordering service in Iran. Alongside food, it also offers services such as ordering bread, protein, pastries, and fruit.
The warm support and trust of more than 5 million users has driven us to keep looking for new things to create and for ways to deliver better, higher-quality service.
Along the way, we are interested in working with people whose intelligence and quick action help us get past business challenges and problems.