The Penetration Tester/Ethical Hacker must have sufficient information security knowledge and experience to conduct technically complex security assessments.
• Strong understanding of various web technologies and testing methodologies.
• Hands-on experience with the common tools associated with penetration testing.
• A good understanding of Unix, Windows and network security skills.
• Ability to manually find and exploit application and infrastructure vulnerabilities.
• Bachelors degree in Computer Science / Engineering with emphasis in security related fields.
• Minimum acceptable work experience requirements: must have a minimum of five years of relevant information security experience.
• Bonus points for community contributions like public CVEs, bug bounty recognition, open source tools, blogs, etc.
• Experience with penetration testing of cloud hosted environments
• Certs like Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Offensive Security Web Expert (OSWE), etc.
• Responsible for scanning and performing in depth penetration testing and reporting customer business and operating environments and network infrastructure related to compliance and other relevant industry standards.
Activities include, but are not limited to the following:
• Performing a variety of security testing assignments, including infrastructure, applications and mobile applications, utilizing commercial and open source tools.
• Conduct web application penetration testing in line with Open Web Application Security Project.
• Exploit security flaws and vulnerabilities with attack simulations on multiple projects working against specific customer systems and networks in accordance with an agreed scope of work.
• Effectively provide technical risk assessment of technologies in networks, applications, systems, wireless, and perform social engineering.
• Review and analyze security vulnerability data to identify applicability and false positives.
• Ability to solve complex technical problems and articulate to non-IT personnel.
It’s a great opportunity to deal with:
• Interesting domain — financial industry. Implementation of applications for one of the biggest and respectable brokerage companies
• Distributed teams — Kiev — Tel Aviv
• Friendly team — work with open-minded, remarkable and skilled people
• Agile ’startup’ environment within a well-established international company
• Opportunity to step into a broad product role, drawing upon skills in complex backend systems
• Direct and immediate impact on a company business results
• High Visibility for your leadership skills