استخدام Web Application Penetration Tester
شرح موقعیت شغلی
· Performing application vulnerability and security assessments and penetration testing and propose remediation approaches
· Discovery of Problems/Identifying Vulnerabilities
· Performing manual Penetration test (Black-box\Grey-box) on application
· Performing dynamic and static analysis, fuzzing, and secure coding practices
· Performing assessments of Secure/Software Development Life Cycle processes
· communicate and report application vulnerability and security assessments to the upper management
· Provide security guidance and drive decisions in collaboration with other technical and management team, ensuring Security principles are being upheld and no violations of Security Policy is taking place
· Work independently with developers, product owners, and other colleagues to ensure secure design, development, and implementation of our applications
· Identifying current and emerging technology issues including security trends, vulnerabilities, and threats
· Hardening DBMSs, Web Service (IIS, Apache, etc.) and Web Application
· Working hours: Saturday to Wednesday at 8:00 to 16:00.
Requirements
· Nature and length of previous experience: Penetration Testing with 1+ years’ Work Experience, also Web developer background is a plus
· University Qualifications: BSc or MSc in computer engineering or Information Technology
· Information security related certifications like Certified Ethical Hacker (CEH), SANS SEC 542, 642, 504 are plus.
· Fluent in English
Specialist knowledge:
· understanding of information security concepts, standards and practices
· Strong Understanding of packet analysis include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes
· Familiar with application testing tools to perform security assessments: AppScan, Netsparker, Acunetix, BurpSuite, OWASP ZAP, or equivalent
· Familiar with at least one programing language
· Familiar with Application vulnerabilities and security issues
· Understanding of threat attacks, exploitation and data exfiltration
· Familiar with REST, JSON, WebServices, SOAP, XML
· Familiar with web technologies (HTML, CSS, JavaScript)
· Basic Understanding of Software Development Concepts
· Good understanding of HTTP protocol, Oauth, SSO, JWT, HTML
· Basic Understanding of JavaScript debugging
· Familiar with database systems such as Oracle, MSSQL and MySQL
Soft Skills and Personality traits
· Excellent written and verbal communication skills
· Ability to clearly communicate and present technical topics
· High skill in solving problems and providing optimal solutions
· Strong organizational skill and be able to attend to and prioritize projects
· Excellent analytical and time management skills
· Proven ability to thrive and respond to frequent demands of multiple constituents, both internal and external, in a high demand environment
· Ability to work under pressure and stressful scenarios
· Self-study capability and morality
· Teamwork skills
· Discipline and professional ethics
· Employment Type: Full Time
· Age: 22-35
مهارتهای مورد نیاز
- Javascript
- CSS
- HTML
حداقل سابقه کار
- کمتر از سه سال
جنسیت
- مهم نیست
وضعیت نظام وظیفه
- معافیت دائم پایان خدمت