Requirements:
— At least 3 years of practical proven experience in penetration testing
— Ability to perform evaluation of Web application requirements, processes, technologies
— Experience in security testing of Web applications based on different technologies (nginx, IIS/ASP.net, javascript)
— Experience in security testing of Web Services (SOAP, RESTful)
— Experience in different vulnerability scanners (OWASP ZAP, burp, MobSF, sonarqube etc.)
— Understanding of Web security testing process (e.g. OWASP Testing Framework, OWASP Serverless, OWASP API)
— Ability to develop custom scripts needed for specific assessment purposes (Python, bash, PowerShell, JavaScript)
— Ability to resolve technical problems when required
— Ability to explain assessment results to technical and non-technical personnel
Nice to have:
— Certification in security field
— Understanding of and practical experience in security audit process, meeting fintech security compliance requirements (PCI DSS)
— Experience in different exploitation tools and frameworks (metasploit, beef, sqlmap etc)
— Previous experience as a software engineer or knowledge of software development methodologies is desired, but not mandatory
— Experience in security testing of network infrastructure
— Experience in development of security-related documentation
— Experience in AWS-services and AWS-serverless
— Work from anywhere in the world!
— Competitive salary.
— Compensation vacation (15 days off in a year).
— Global corporate events for all employees.
— Internet compensation (50$ per month).
— Relocation to Montenegro.
Responsibilities:
— Conduct vulnerability assessments and penetration testing
— Demonstrate considerable knowledge of planning and estimating specific to security assessment activities
— Collaborate with technical and management personnel across the full security assessment life cycle
— Utilize problem-solving skills, especially within troubleshooting complex issues while identifying options and/or alternatives
— Document all disclosed issues using different reporting formats (e.g. available for distribution to different concerned parties: business, technicians, clients)
— Provide remediation suggestions to correct disclosed issues
— Collaborate with personnel responsible for writing and presenting proposals to prospective clients
— Manage and contribute to planning, coordination and successful completion of security engagements
Access Softek is a software company headquartered in Berkeley, California with offices in Manhattan, Chicago, and Vancouver. We are creating a digital banking solution: online banking, mobile banking, omnichannel lending, and omnichannel account opening. Today our 300+ employees are serving over 400 financial institutions and reaching over 3 million mobile banking end-users every month. Our focus is on innovation: mobile-first, machine-learning, and AI everywhere.
We are hiring Web Security Tester Position. As a Web Penetration Tester, you will help with assessing the security level of Web applications. This position will require advanced technical depth and experience.
Mandatory working hours: approximate time from 2 pm till