Application Security Engineer
Athens, Greece
πριν από 1 μέρα
source : Just Join IT

OWASP (advanced)

About position : Conducting penetration tests, conducting web sites audit and PCI DSS segment audit, web and mobile based incident handling, creating internal documents for information security.

Responsibilities :

  • Conducting audit of web and mobile application according to OWASP security requirements and information security standards.
  • Conducting penetration tests according to PCI DSS standard.
  • Analysis of architectural solution on compliance with information security standards when implementing company systems.
  • Making presentations on information security domains for internal users.
  • Participation in the investigation of incidents of information security.
  • Processing internal user requests for application penetration testing.
  • Participation in the projects of web and mobile development for the assessment of the level of information security.
  • Carrying out of separate assignments of his direct supervisor on other matters of activity on a post.
  • Requirements :

    Education : Telecommunication

    Experience : 3-5 years

    Language skills : Ukrainian - upper intermediate; English verbal / writing upper intermediate; technical reading / writing fluent.

    PC Skills : Advanced PC user : MS Excel, Power point, Outlook, Project (preferred), Word, Jira.

    Special Requirements :

  • Perform authorised and blackbox security tests on computer systems in order to expose weaknesses in their security that could be exploited by criminals (CTF experience is welcome)
  • OWASP TOP 10 and PCI DSS compliance testing for Windows, Linux and Mac operating systems, web-based interfaces checks, mobile application testing
  • Tools : vulnerability scanners (Nessus), Kali Linux tools, Netsparker, Burpsuite, Sonarqube
  • Embedded computer systems
  • Web / mobile applications, databases security tests
  • nix, windows security hardening and hack technics understanding, SCADA (supervisory control and data acquisition) control systems, wireless and mobile (3-5G) technologies security knowledge, Internet of Things (IoTs) security
  • Programming languages : any system level (Python, perl, bash or other) and object-oriented programming skills
  • Ability to read code and write automated security checks for API (json, restful, SOAP)
  • Network and organizational security basics understanding
  • Experience of software development and server administration
  • Understanding of basic attack vectors on software applications
  • Experience with discovering of information threads and viruses detection
  • A certificate will be a plus : Offensive Security Certified Professional (OSCP); Certified Ethical Hacker (CEH) Certification
  • Knowledge and ability to support Company Safety Infrastructure (SIEM, DLP, TRAPS, etc.)
  • Αναφορά αυτής της εργασίας

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Το e-mail μου
    Πατώντας στο κουμπί «Συνέχεια », δίνω στο neuvoo τη συγκατάθεση μου να καταχωρήσει τα δεδομένα μου και να μου στέλνει ειδοποιήσεις μέσω email, όπως αναφέρεται λεπτομερώς στην πολιτική προστασίας προσωπικών δεδομένων του neuvoo. Μπορείτε ανά πάσα στιγμή να αποσύρετε τη συγκατάθεση σας ή να διαγραφθείτε οποιαδήποτε στιγμή.
    Φόρμα αίτησης