Penetration Tester
SwipBox
근무지
Islamabad
고용 형태
풀 타임
구인 상세
Role and Responsibilities
• Cloud Application Security Assessments (AWS preferred).
• Ability to exploit recognized vulnerabilities and discover new vulnerabilities.
• Analyzing and auditing the source code of the Web/Mobile Application.
• Experience in testing business-critical environments.
• Proficiency in scripting, Unix operating systems, and Windows.
• Hands-on experience with both white box and black box testing.
• Proficient in Linux operating system configuration, utilities, and programming, Conducted manual external and internal penetration testing.
• Solid understanding of information security and applied cryptographic protocols.
• Conduct penetration testing for web applications, web APIs, and mobile apps (android and iOS).
• Perform static and dynamic code testing, manual code inspection, threat modeling, and design reviews to identify vulnerabilities and security defects.
• Good knowledge of security technologies for secure software development such as cryptography authentication techniques, protocols, etc.
• Keep up with the latest methods for ethical hacking and testing, and always evaluate new penetration testing tools.
• Detect, Prevent, and respond to abusive activities targeting the SwipBox Cloud Platform by researching and developing detection techniques and solutions.
• Implement and maintain enterprise security policies, procedures, and standards to improve the overall effectiveness of internal security controls.
• Ability to bake security into the SDLC to produce more secure software.
Qualifications and Education Requirements
• Master's or bachelor’s in software engineering, Computer Engineering, Telecommunication Engineering, or Computer Science.
• Minimum 1-2 years experience
Preferred Skills
• Real-time traffic analysis, network IDS, and packet dissection.
• Understanding of information security and applied cryptographic protocols.
• Good knowledge of security technologies for secure software development such as cryptography, authentication techniques and protocols, etc.
• Good to understand tools and technologies for performing Penetration Testing.
• Good to have CEH, eCPPT, CRTP, OSCP or any security vendor certification would be preferred
