نشرت منذ 1 شهر
We are looking for talented Penetration Testing Engineer to work closely with qTech. Board, developers, Q.C., and network engineer executing test iterations, tracking / reporting results, troubleshooting and coordinating defect resolution.
- Responsible for applications Penetration testing monitoring, identifying, and exploiting security vulnerabilities in web-based applications, mobile applications, and systems.
- Conduct penetration testing, identifying vulnerabilities, and providing remediation steps.
- Planning and executing penetration tests with the larger team
- Solid knowledge and experience of using a variety of penetration testing or threat modeling tools including open source and commercial
- Probe for vulnerabilities in applications.
- Pinpoint methods that attackers could use to exploit weaknesses and logic flaws.
- Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies.
- Research, document and discuss security findings with management and IT teams.
- Review and define requirements for information security solutions.
- Identifying threats using threat risk modeling and creating solutions or mitigation approaches
- Be sensitive to qTech. considerations when performing testing
- Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
- Any other duties may be assigned.
Job Requirements / Qualification:
- B.S. Computer Science, Engineering, or related experience.
- 3+ years of work experience in an Information Security role.
- Infrastructure penetration testing is a plus
- Excellent communication, documentation, and presentation skills in business-level English.
- Strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Great awareness of cybersecurity trends and threats.
- Interest in all aspects of security research and development.
- Experience in secure code review, coding design development, and risk mitigation.
- Prior experience in programming/scripting knowledge is a plus.
- Full-stack understanding of end-to-end application communications.
- Cyber attacker mindset, a good learner with an innovative mind, and problem-solving abilities.