Job Description:
- The primary objectives of the Security Penetration Tester are to deliver and enhance various security services provided to both internal and external clients.
- The services include technical security assessments of applications and infrastructure, security design reviews as well as risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.
Key Responsibilities:
- Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our global clients
- Review and define requirements for information security solutions
- Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
- Participate in Security Assessments of networks, systems and applications
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
Job Requirements:
- Bachelor degree or higher, technical discipline preferred
- Two years of working experience in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)
- Working knowledge of Security principles, techniques and technologies
- Good understanding of network protocols, design and operations
- Strong analytical skills and efficient problem solving
- Willingness to travel
- Willingness to learn
- Good English communication skills (written and oral)
Nice to have skills:
-CISSP, CISA, CEH, OSCP or other information security certifications
- Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE
- Vulnerability and threat management experience
- Experience with various security tools and products (Fortify, AppScan, etc…)
- Good understanding of the components of a secure DLC/SDLC
- Vulnerability analysis and application reversing skills
- Understanding of cryptography principles
الشروط والمهارات:
Good understanding of network protocols, design and operations
Strong analytical skills and efficient problem solving
Two years of working experience in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)