Junior Penetration Tester

Dla naszego klienta DataArt Poland poszukujemy osoby na stanowisko Junior Penetration Tester.

Position overview

DataArt is a global software engineering firm and a trusted technology partner for market leaders and visionaries. Our world-class team designs and engineers data-driven, cloud-native solutions to deliver immediate and enduring business value. We promote a culture of radical respect, prioritizing your personal well-being as much as your expertise. We stand firmly against prejudice and inequality, valuing each of our employees equally. We respect the autonomy of others before all else, offering remote, onsite, and hybrid work options. Our Learning and development centers, R&D labs, and mentorship programs encourage professional growth. Our long-term approach to collaboration with clients and colleagues alike focuses on building partnerships that extend beyond one-off projects. We provide the ability to switch between projects and technology stacks, creating opportunities for exploration through our learning and networking systems to advance your career. We are seeking a motivated junior penetration tester to join our offensive security team, focusing on a diverse range of projects involving web, network, cloud, and AI security assessments.

Responsibilities

• Conduct network and application-level security assessments; use automated tools and manual techniques to identify and verify common security vulnerabilities
• Create comprehensive assessment reports that clearly identify root cause and remediation strategies
• Communicate with client personnel to gather information, clarify scope and investigate security controls
• Provide support to the company's security through information researches, tool creation, process improvement and other activities
  
  

Requirements

• Minimum 1 year of experience performing vulnerability assessments and penetration tests
• Good familiarity with different technologies and architectures (e.g., Linux, Windows, SQL, cloud architectures, etc.)
• Excellent understanding of web application vulnerabilities
• Ability to describe and report vulnerabilities and standard remediation activities
• Experience with open-source and commercial security tools (e.g. Nmap, Burp, sqlmap, etc.)
• Knowledge of programming and scripting for development of auxiliary security tools
• Ability to work well with customers, self-manage though difficult situations, be focused on client satisfaction
• Good spoken English
  
  

Nice to have

• Security certifications (e.g., OSCP, OSWA, BSCP, CBBH, eWPT, etc.)
• Strong programming skills on any modern programming language
• Experience with mobile application penetration testing
• Experience with reverse engineering and binary analysis
• Ability to deliver presentations at industry conferences, writing blog posts