We are looking for Penetration Testers to analyze, test web applications and services .
– Achieve Penetration testing and Audit in compliance with TSE-13638 standard
– Collecting evidences, auditing and reporting
– Provide technical support for the mitigation of detected security vulnerabilities and perform control audits/re-test
– Researching about design and cyber security trend subjects, new technologies, and new penetration test tools.
– Writing business and technical requirements for penetration test
– Work together with business/technical teams to solve challenging problems
– Proactive, knowledge share, teamplayer, positive and creative manner
– In depth hands-on experience in penetration testing tools( Metasploit, Nessus, Burp Suite, Nmap etc)
– BSc, MSc, PhD Degrees in Electrical/Electronic/Computer Engineering or equivalent technical degree; or equivalent combination of education and experience
– Experience in Scripting, PenTest and software & data analysis
– Security, Software Development and Networking Experience
– Reverse Engineering knowledge
– Good understanding of OSI layer 2-3-4 network protocols and common layer 7 protocols
– Deep understanding of Web and Native Applications
– Knowledge of Security Processes and Technologies (SIEM,DLP,WAF, IPS/IDS etc.)
– Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, XXE, exploit creation)
– Must have Commercial Web Application Tool Experience (i.e. Burp, AppScan, WebInspect)
– Understanding security fundamentals and common vulnerabilities (e.g., OWASP Top Ten)
– Web Services Security Penetration Testing Experience
– Source Code Review Experience
– Excellent technical writing skills and attention to detail
– Solid knowledge of debugging and scripting
– Excellent analytical abilities, technical creativity and self-motivation.
– Experience working in an Agile environment
– Ability to prioritize workload and meet project deadlines.
– Ability to multi-task in a fast-paced environment with minimal direction.
– Fluent in English (verbal and written)
– Strong interpersonal skills with ability to work both independently and as part of a team.
– Working knowledge of tools used in the Software Development Lifecycle (e.g. JIRA, Git, Redmine)
Preferred Soft Skills
– Proactive manner
– Great curiosity and willingness to question
– High enthusiasm, integrity, ingenuity, results-orientation, self-motivation, and resourcefulness in a fast-paced competitive environment
– Get excited by the challenge of technical problems
– Have a deep desire to work collaboratively, solve problems with groups, find win/win solutions and celebrate successes
Preferred Technical Skills
– Knowledge on
native reverse engineering tools (IDA, Ollydbg, Radare etc.)
software code quality (whitebox testing) and vulnerabilities tools
code assisted pentesting
Verbal & Written