Job Description
BrainRocket is a software development company and digital solutions provider. The company has created over 40 cutting-edge products spanning 20 different markets.
Our team of around 650 tech-savvy professionals successfully deliver scalable projects that are custom-made to the customersโ needs.
We also strive to create a culture centred around personal and professional growth for employees, in a positive and welcoming environment
โ Responsibilities
โ๏ธ Conduct web application, mobile application, network, wireless, and operational technology penetration tests.
โ๏ธ Conduct security assessments of cloud environments and application source code review.
โ๏ธ Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST).
โ๏ธ Maintain and finetune, methodologies and infrastructure to support penetration testing engagements in a variety of cloud environments and novel platforms
โ๏ธ Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics
โ๏ธ Use common penetration testing and red-team tools, tactics, techniques, and procedures.
โ๏ธ Utilize custom penetration testing tools, frameworks, and infrastructure.
โ๏ธ Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation.
โ๏ธ Work with security and engineering teams to communicate findings, recommendations, and knowledge to key stakeholders
โ๏ธ Evolve our capabilities and toolset.
โ๏ธ Penetration Testing in this domains:
- Web Applications, Network (Internal / External), Mobile Applications, Cloud Environments, Phishing
โ Minimum Requirements
โ๏ธ 5+ years experience pen testing services deployed in public cloud infrastructure
โ๏ธ Solid understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
โ๏ธ Knowledge of web and security protocols: HTTP, REST, CSP, CORS, OAuth
โ๏ธ Deep familiarity with current offensive security practices, bug bounty programs, CTFs, fuzzing, and other pen test tools and techniques
โ๏ธ Offensive Security Certified Professional
โ PREFERRED QUALIFICATIONS:
โ๏ธ 7+ years experience working in an information security disciplineAbility to find and exploit bugs in:
โ๏ธ JavaScript, Typescript
โ๏ธ Kubernetes, AWS, GCP, Firebase
โ๏ธ Memory management, namespaces, cgroups, etc.
โ๏ธ Prior experience working in a high growth, cloud native technology company
โ๏ธ Fluency in one or more programming or scripting languages: JavaScript, Python, Go
โ๏ธ Contributions to the security community, such as open source tools, research papers, conference talks, etc.
โ We offer excellent benefits, including but not limited to:
๐ง๐ปโ๐ปLearning and development opportunities and interesting challenging tasks;
๐Official employment in accordance with the laws of Cyprus and the EU, registration of family members;
โ๏ธ Relocation package (tickets, staying in a hotel for 2 weeks);
๐๏ธโโ๏ธ Company fitness corner in the office for employees;
๐ Opportunity to develop language skills and partial compensation for the cost of language classes;
๐ Birthday celebration present;
๐ Time for proper rest and 24 working days of Annual Vacation;
๐ฒ Breakfasts and lunches in the office (partially paid by the company).
- Join BrainRocket and rock with us! ๐