Вакансии ИТ

Intermediate Security Penetration Tester (ID11)

Дата:9 Августа
Требования:Perform application and infrastructure penetration tests, as well as social engineering tests for our global clients
Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
Participate in Security Assessments of networks, systems and applications
Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
Квалификация:Job Requirements:
Good understanding of network protocols, design and operations
Good understanding features of different OS (Windows/Linux/Android/iOS/MacOS etc...)
Good understanding of web application security issues (OWASP Top 10 for ex.)
Familiarity with different web technology stacks and frameworks from the security perspective (Java/JBoss/Apache Sling/.NET/RoR/IBM Web Sphere etc...)
Familiarity with any scripting language (Python, Ruby or other)

Required Tools and Technologies
Security testing key security threats from OWASP Top 10/SANS 25: SQLi, XSS, CSRF, Fuzzing
Malware analysis (gdb, IDA, PEDA)
Firmware Reverse engineering (binwalk, firmware mod kit)
Cisco IOS, NX-OS
Kali, Backtrack, FreeBSD, CentOS, Windows
OS virtualization: VMWare, VMware Workstation, Virtual Box
Sniffing, Spoofing, Network troubleshooting (tcpdump, WireShark)
Android or IOS application security (JADX, dex2jar)
Burp Suite, OWASP ZAP
Metasploit, Armitage
Nessus, OpenVAS
Acunetix, Nikto,
Testssl, ssltest, sslyze
Nmap, netcat
Security SDLC
Static and Dynamic Security Testing methodology
Контакты:Contact person: HR
Contact phone: 0 800 60 3000