نشان کن
کد آگهی: KP4478799614
استخدام Penetration Testing Engineer
:fill(transparent):quality(100)/https://mstorage2.jobinjacdn.com/other/files/uploads/images/1fc44e45-57e5-4760-87cd-ac622cc71d0e/main.png)
هف هشتاد | Hafhashtad
در تهران
اطلاعات شغل:
نوع همکاری: تماموقت
مدرک تحصیلی مورد نیاز: دیپلم
مهارتهای مورد نیاز:
MySQL
NoSQL
Databases
Bash
پرداختها: توافقی
متن کامل آگهی:
We are looking for a Penetration Tester to assess and strengthen our organization's security by identifying, exploiting, and documenting vulnerabilities in web applications, networks, mobile applications, cloud environments, and APIs. The ideal candidate will have a strong technical background in ethical hacking, vulnerability assessments, and security testing methodologies.
As a Penetration Tester, you will conduct simulated attacks to uncover security flaws, provide actionable remediation guidance, and work closely with development, IT, and security teams to improve overall cybersecurity posture.
Responsibilities:
enetration Testing & Vulnerability Assessment
- Conduct penetration tests on web applications (such as GoLang, React, NodeJS, .Net), networks, mobile applications, APIs, and cloud environments.
- Perform black-box, gray-box, and white-box testing based on project requirements.
- Identify and exploit security vulnerabilities such as Injections, XSS, XSRF, RCE, SSRF, and privilege escalation.
- Simulate real-world cyberattacks to assess an organization's security defenses.
- Work with Blue Teams, SOC, and DevSecOps to improve security detection and response.
Security Research & Exploit Development
- Research and test new attack techniques, exploit development, and bypass methods.
- Develop custom scripts and automation to assist in penetration testing (Python, Bash, PowerShell).
- Keep up with the latest security threats, vulnerabilities, and exploits (ExploitDB, CVE databases, MITRE ATT&CK).
Reporting & Remediation
- Document findings, risks, and mitigation recommendations in professional penetration test reports.
- Provide proof-of-concept (PoC) exploits and demonstrate security issues to stakeholders.
- Work with developers and IT teams to remediate vulnerabilities and improve security controls.
Security Tooling & Automation
- Utilize and configure penetration testing tools, including:
- Burp Suite, OWASP ZAP, OWASP Nettacker, Nuclei, Nessus, OpenVAS, SQLMap, Frida
- Metasploit, Nmap, Cobalt Strike, Wireshark, TCPDump
- Focus on the relevant tools and techniques within Kali Linux.
- Automate security testing and integrate security tools into DevSecOps CI/CD pipelines.
Security Compliance & Best Practices
- Ensure compliance with security standards (OWASP, NIST, PCI-DSS, ISO 27001).
- Help organizations achieve and maintain security certifications.
- Provide guidance on secure coding practices to development teams.
Security Awareness & Training
- Conduct security awareness training and workshops for developers and staff.
- Assist in Red Team exercises and adversary simulation engagements.
Required Skills & Qualifications:
Technical Skills
✔ Strong understanding of penetration testing methodologies (PTES, MITRE ATT&CK, OWASP Top 10).
✔ Hands-on experience with vulnerability assessment and exploitation.
✔ Deep knowledge of web application security, API security, network security, and mobile security.
✔ Familiarity with exploit development and scripting (Python, Bash, PowerShell, Frida).
✔ Identify and exploit vulnerabilities related to authentication, authorization, and access control, including those within FreeIPA and LDAP environments.
✔ Proficiency in mobile app testing tools (e.g., Frida, MobSF, Apktool, ADB, JADX).
Soft Skills & Experience
✔ +4 years of experience in penetration testing, ethical hacking, or offensive security.
✔ Ability to work in fast-paced environments and handle multiple security assessments.
✔ Excellent analytical and problem-solving skills for breaking into systems.
✔ Strong communication and report-writing skills for documenting security findings.
این آگهی از وبسایت جابینجا پیدا شده، با زدن دکمهی تماس با کارفرما، به وبسایت جابینجا برین و از اونجا برای این شغل اقدام کنین.
هشدار
گزارش مشکل آگهی
تماس با کارفرما
این آگهی رو برای دیگران بفرست
نشان کن
گزارش مشکل آگهی
جستجوهای مرتبط
دوشنبه 20 اسفند 1403، ساعت 02:57