IT Security – Pentester at Vesuvius w Polsce
Kraków, małopolskie, Poland -
Full Time


Start Date

Immediate

Expiry Date

20 Jan, 25

Salary

0.0

Posted On

21 Oct, 24

Experience

2 year(s) or above

Remote Job

No

Telecommute

No

Sponsor Visa

No

Skills

Communication Skills, Cloud Security, Career Development, Security Engineering, Malware Analysis, Red Teaming

Industry

Information Technology/IT

Description

Miejsce pracy: Kraków
Data dodania: 2024-08-30

The primary responsibilities will be as follows:

  • Performing semi-automatic pentests and manual inspections.
  • Proactively searching for threats and Vulnerabilities.
  • Presenting how different vulnerabilities might be exploited.
  • identifying insecure IT practices and another weaknesses.
  • Assessment of identified weaknesses for specific solution and possible impact on the entire environment.
  • Proposing feasible solutions to mitigate weaknesses.
  • Providing L2 and L3 support to other teams in security related issues.
  • Performing offensive security tasks to mitigate and resolve security incidents.
  • Preparing necessary documentation and reports.
  • Cooperating with other team members to provide comprehensive service.

Must have:

  • Experience as a pentester or security researcher/threat hunter.
  • Ideally 2+ years’ experience in a similar role.
  • Excellent technical skills.
  • Knowledge of vulnerability disclosure mechanism in systems in particular OWASP Top10 and CWE Top 25 Most Dangerous Software Weaknesses
  • Knowledge of performing infrastructure or application pentesting
  • Knowledge of security issues at a technical level
  • Experience with some pentesting solutions.
  • Communicative English including technical vocabulary.

Nice to have:

  • Security certification from industry leaders,
  • Experience working for an international organization,
  • Experience with system security in OT environment
  • Knowledge of Penetration Testing Standards and Guidelines eg. .
  • OWASP Security Testing Guides
  • PTES Technical Guidelines
  • Penetration Testing Framework
  • Technical Guide to Information Security Testing and Assessment (NIST 800-115)
  • The Open Source Security Testing Methodology Manual
  • Knowledge of reverse engineering methods

The individual will need to have the following key personal skills and attributes to perform successfully in this role:

  • Excellent planning and organizational skills,
  • Excellent interpersonal and communication skills,
  • Excellent attention to detail,
  • A proven ability to work unsupervised,
  • Ability to work diligently and under pressure ,
  • Ability to manage multiple workstreams simultaneously, and;
  • A proactive approach and a willingness to work outside the job specification when required.
  • Hybrid work model.
  • An individual approach to a career development in following areas:
  • Security Engineering
  • Cloud Security
  • Red Teaming
  • Malware Analysis

Podawane przez Pana/Panią dane osobowe w formularzu aplikacyjnym oraz we wgrywanym CV są zbierane przez Vesuvius Sp. z o.o.
Aplikując przyjmuje Pan/Pani do wiadomości, że:
a) administratorem Pana/Pani danych osobowych jest Vesuvius Sp. z o.o. z siedzibą w Krakowie, ul. Jasnogórska 11, 31-358 Kraków;
b) w sprawach związanych z ochroną danych osobowych można kontaktować się Inspektorem Ochrony Danych lub pisemnie na adres siedziby administratora;
c) Pana/Pani dane osobowe przetwarzane będą w celu uczestnictwa w rekrutacji na podstawie wyrażonej przez Pana/Panią zgody na przetwarzanie danych osobowych, tj. na podstawie art. 6 ust 1 pkt a Ogólnego Rozporządzenia z dnia 27 kwietnia 2016 r. o ochronie danych (dalej: RODO);
d) ujawnienie danych osobowych jest dobrowolne, ale konieczne do wzięcia udziału w procesie rekrutacji;
e) odbiorcami Pana/Pani danych osobowych mogą być podmioty wspierające administratora w przeprowadzeniu procesu rekrutacji;
f) Pana/Pani dane osobowe będą przechowywane przez okres trwania rekrutacji oraz przez 3 miesiące od zakończenia procesu rekrutacji;
g) Pan/Pani posiada prawo dostępu do treści swoich danych oraz prawo ich sprostowania, usunięcia, ograniczenia przetwarzania, prawo do przenoszenia danych, prawo wniesienia sprzeciwu, prawo do cofnięcia zgody w dowolnym momencie bez wpływu na zgodność z prawem przetwarzania, którego dokonano na podstawie zgody przed jej cofnięciem - jeżeli przetwarzanie odbywa się na podstawie zgody;
h) Pan/Pani ma prawo wniesienia skargi do Prezesa Urzędu Ochrony Danych Osobowych, gdy Pan/Pani uzna, iż przetwarzanie Pana/Pani danych osobowych narusza przepisy RODO.

Responsibilities

The primary responsibilities will be as follows:

  • Performing semi-automatic pentests and manual inspections.
  • Proactively searching for threats and Vulnerabilities.
  • Presenting how different vulnerabilities might be exploited.
  • identifying insecure IT practices and another weaknesses.
  • Assessment of identified weaknesses for specific solution and possible impact on the entire environment.
  • Proposing feasible solutions to mitigate weaknesses.
  • Providing L2 and L3 support to other teams in security related issues.
  • Performing offensive security tasks to mitigate and resolve security incidents.
  • Preparing necessary documentation and reports.
  • Cooperating with other team members to provide comprehensive service

The individual will need to have the following key personal skills and attributes to perform successfully in this role:

  • Excellent planning and organizational skills,
  • Excellent interpersonal and communication skills,
  • Excellent attention to detail,
  • A proven ability to work unsupervised,
  • Ability to work diligently and under pressure ,
  • Ability to manage multiple workstreams simultaneously, and;
  • A proactive approach and a willingness to work outside the job specification when required.
  • Hybrid work model.
  • An individual approach to a career development in following areas:
  • Security Engineering
  • Cloud Security
  • Red Teaming
  • Malware Analysi
Loading...