Engineer Pentesting
1 month ago
Who are we?
Vertiv, a $5.7B global organization with nearly 24,000 employees, designs, builds and services critical infrastructure that enables vital applications for data centers, communication networks, and commercial and industrial facilities. We support today’s growing mobile and cloud computing markets with a portfolio of power, thermal and infrastructure management solutions.
The Application and Product Security Engineer (Penetration Testing) is responsible for conducting security pen testing, monitoring, and auditing within a dynamic global organization. The products under test will have a range of possibilities from embedded devices to cloud services. Some of the products will be white box tests while others will be total black box engagements.
A successful engineer will be able to take the product and evaluate the weak points in the design and implementation and focus in on those weaknesses to find security gaps under the guidance of senior engineers and testing leads. The engineer should clearly document the findings, analysis and prepare a detailed report.
What Would Be the Perfect Qualifications?
In addition to performing internal application and product security assessments, the Penetration Tester will be expected to support on following major duties:
Conduct security evaluation and threat assessments of embedded systems, mobile applications, web applications Conduct research for the purposes of finding new vulnerabilities and enhancing existing capabilities Circumventing security protection methods and techniques Performing data bus monitoring (snooping) and data injection Conduct communications protocol analysis in the embedded products, and applications Conduct wireless communications channel snooping, and data injection Learn to reverse engineering complex systems and protocols Create detailed technical reports and proof of concept code to document findings Perform System Breakdown of the project/product before testing, identify and evaluate all the testing requirements and plan out the detailed testing activities, resources etc. with the help of Senior/Lead test engineers Provide proactive detailed interaction with respective engineering group on the testing needs, testing progress/status and provide detailed analysis reportWhat kind of work will you be doing?
Bachelor’s Degree in Information Technology, Computer Science or related field is highly desirable. Advanced security qualifications such as OSCP (Offensive Security Certified Professional) certification, CEH (Certified Ethical Hacker) or equivalent. Five or more years (5+ years) of experience in information, application, or embedded product security and/or IT risk management. Two or more years (2+ years) of pentesting experience with a strong interest / personal experience in pentesting (CTF, HacktheBox, Solid understanding of security protocols, cryptography, authentication, authorization, and security Good working knowledge of current IT risks and experience implementing security solutions Ability to interact with a broad cross-section of personnel to articulate and enforce security measures Excellent written and verbal communication skills as well as business acumen Strong ability to establish partnerships and influence change and achieve results within dynamic environment Meaningful technical contributions into the development lifecycle of an application, product, or serviceHow Does Your Ideal Experience Look?
Understanding and development experience of embedded systems / software, and web-based applications Linux network device driver/data-path performance exposure Familiarity with compilers, debuggers, disassemblers, and other low-level development and analysis tools Exposure to binary analysis tools such as IDA Pro, WinDbg, BinWalk, Valgrind, PIN, Panda and S2E Working knowledge of hacking tools and techniques such as memory corruption exploits, rootkits, protocol poisoning, browser-based attacks, DNS poisoning, MetaSploit, nmap, Nessus, etc. An understanding of common cryptographic algorithms and protocols including their weaknesses and attacks against them Understanding of network protocols and experience developing packet-level programs Understanding of common microcontroller programming tools and debugging interfaces Exposure to Layer 2, Layer 3 networking, QoS Knowledge of common malware/botnet exploits and how they are targeted to exploit embedded systems Operating system configuration of Windows, Linux, Android, and iOS Computer boot process including boot loaders Preference given to other practical skills such as: functional analysis, memory image capture, static memory analysis, and data element extraction, etc. Use of Gitlab for issue management, tool usage experience preferred-
Cybersecurity Engineer
3 weeks ago
india EURHASI Full timeJob Description EURHASI recrute pour son client un PENTEST Cybersecurity Engineer.Notre client est un une société spécialisée dans la conception, la fabrication et la commercialisation de verres correcteurs et d'équipements d'optique.Information : Le client n'accepte pas de candidatures nécessitant des démarches administratives pour une...
-
Penetration Tester
3 weeks ago
India AGS Cyber Full timeMy client, a US cybersecurity consultancy, is looking for Pentesting / Threat Modelling professionals support their team.Qualifications:5+ years of professional experience in Offensive SecurityExperience in Web App / Network / APIs / Mobile App / Cloud Security / Thick Client or other kinds of PentestingWhitebox / Blackbox / Greaybox PentestingSource Code...
-
Penetration Tester
3 weeks ago
india AGS Cyber Full timeMy client, a US cybersecurity consultancy, is looking for Pentesting / Threat Modelling professionals support their team. Qualifications: 5+ years of professional experience in Offensive Security Experience in Web App / Network / APIs / Mobile App / Cloud Security / Thick Client or other kinds of Pentesting Whitebox / Blackbox / Greaybox Pentesting Source...
-
india Astra Full timeAbout us : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to...
-
india Astra Full timeAbout Astra : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to...
-
Anywhere in India/Multiple Locations Astra Full timeAbout us : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps...
-
Anywhere in India/Multiple Locations, IN Astra Full timeAbout us : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to...
-
Tech Lead/Principle Software Engineer
1 week ago
india Astra Full timeAbout Astra : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to...
-
Anywhere in India/Multiple Locations Astra Full timeAbout Astra : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from...
-
Anywhere in India/Multiple Locations, IN Astra Full timeAbout Astra : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps...
-
Tech Lead/Principle Software Engineer
1 week ago
Anywhere in India/Multiple Locations Astra Full timeAbout Astra : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from...
-
Tech Lead/Principle Software Engineer
1 week ago
Anywhere in India/Multiple Locations Astra Full timeAbout Astra : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps...
-
Tech Lead/Principle Software Engineer
1 week ago
Anywhere in India/Multiple Locations, IN Astra Full timeAbout Astra : Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps...
-
Tech Lead/Principle Software Engineer
1 week ago
Anywhere in India/Multiple Locations, IN Astra Full timeAbout Astra :Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 9300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps...
-
Robosoft Technologies
8 hours ago
Anywhere in India/Multiple Locations/Metros/Mumbai/Navi Mumbai/Pune/Bangalore, IN Robosoft Technologies Full timeJob Description :- 6+ years of experience working with systems deployed on AWS- 4+ years of technical experience in Incident Management for AWS Cloud solutions- 1+ years of experience with AWS Incident Detection and Response- Demonstrated experience using Splunk for Incident Management and processes supported by Okta CIAM, PhishER, PagerDuty, Imperva,...
-
Robosoft Technologies
8 minutes ago
Anywhere in India/Multiple Locations/Metros/Mumbai/Navi Mumbai/Pune/Bangalore Robosoft Technologies Full timeJob Description : - 6+ years of experience working with systems deployed on AWS- 4+ years of technical experience in Incident Management for AWS Cloud solutions- 1+ years of experience with AWS Incident Detection and Response- Demonstrated experience using Splunk for Incident Management and processes supported by Okta CIAM, PhishER, PagerDuty, Imperva,...
