Senior Penetration Tester | Cybersecurity
IBA Poland
Lisbon, Portugal
1 day ago
source : Just Join IT

HTML (advanced)

HTTP protocol (advanced)

JS (advanced)

Join our team at IBA Poland and let's raise the standards of IT security together!

We conduct penetration tests that simulate potential attacks on an IT environment and make it possible to identify security gaps. We will perform a controlled attack to detect vulnerable areas of an application / system / network.

Main tasks & responsibilities :

  • Carry out application, network, systems, and infrastructure pentests
  • Review physical security and perform social engineering tests where appropriate
  • Evaluate and select from a range of pentesting tools
  • Keep up to date with the latest testing and ethical hacking methods
  • Deploy testing methodology and collect data
  • Report on findings to a range of stakeholders
  • Make suggestions for security improvements
  • Enhance existing methodology material
  • Plan the pentest
  • Select, design, and create appropriate tools for testing
  • Perform the pentest on computer systems, networks, web-based and mobile applications
  • Document your methodologies and findings
  • Gather data intelligence not only from the output of the automated pentesting tools but also from information gathered from interaction with product teams, previous results, threat model and source code scanning inputs.
  • Review your findings and feed them back to development teams
  • Analyze the outcomes and make recommendations for security improvements
  • Actively participate in the EH expertise development.
    Sounds exciting? Match your experience to the needed skills

    Must Have Qualifications :

    Web Application Testing :

  • Understanding of HTTP and HTTPS protocols: HTTP(S) methods, request / response headers, cookies, TCP / IP connections over HTTP(S), etc.
  • Understanding of HTML / JavaScript
  • Good understanding of security vulnerabilities, including impact, exploits, etc.

    Automated Testing :

  • Must have knowledge of at least one scanning tool (IBM AppScan or BurpSuite scanner or any Open-Source equivalent).
  • Should be able to configure an automated scanner (such as login sequence, manually exploring critical flaws, policy customization, scan throttling, etc.) to perform a successful scan.

  • Assessment of scanner results and intelligently identifying false positives from the scan results.
  • Knowledge of Burp features: Spider, Intruder, Scanner, Repeater and Extender.

    Manual Testing :

  • Should be able to understand OWASP Top 10 categories to perform manual testing.
  • Flaws in areas like authentication (session management), CSRF and business logic, which are not detected by an automated scanner, must be identified using manual testing.
  • Understanding of the workflow of the application and identifying the entry points to detect vulnerabilities.
  • Advanced knowledge of English, spoken and written (B2 / C1)

    Good asset :

    Webservice Testing :

  • SOAP / REST APIs testing.
  • Configuring cURL commands and the Postman tool to capture the request in an automated scanner.

    Network Testing :

  • Understanding of networking protocols such as TCP, UDP, DNS, DHCP etc.
  • Understanding of network devices like routers, switches, security systems / IDS / IPS etc.
  • Network scanning tools such as Nessus, Nmap, Metasploit etc.
  • Exploitation and post-exploitation of network vulnerabilities.

    Threat Model and Source code security scanning :

  • Perform / Participate in threat model creation / design or review
  • Perform source code security scanning using SAST tools like IBM AppScan, Contrast, and other popular open-source tools.

    Security Certifications :

  • Any of the security certifications is a plus (such as CEH, ECSA, OSCP, GPEN, GWAPT etc.)

    What you need to have :

  • Legal work permit in Poland.

    Start date for assignment : ASAP

    Duration of trial period : 3 months

    Expected workload for the consultant : Fulltime

    Location : Hybrid / Wroclaw

    Reasons to love working with IBA Poland

  • Contract of Employment,
  • Competitive Salary,
  • We offer flexible working hours as we care about the work-life balance of our employees.
  • By working with us today, you gain experience in implementing a wide variety of projects in a diverse industry with international teams.
  • Selection of benefits such as : private medical care provided by Medicover, multisport card, cafeteria system, language courses, integration events and many more as we grow.
  • We have over 25 years of experience in providing comprehensive solutions in various industries. During this time, we have achieved success in over 2,000 projects and established development centers in several countries in Europe, the United States, Africa, and Asia.

    IBA Group develops and integrates custom software, implements proprietary and vendor solutions, and offers technical support and consulting.

    Fundamental areas : mainframe software, corporate and mobile applications, web, SAP and other ERP, BI and IBM Tivoli systems.
