Param's technology company, ParamTech, comprises a specialized team of 250 experts dedicated to providing infrastructure and consulting services across various fields, including issuing, acquiring, digital wallets, mobile applications, information security, fraud prevention, artificial intelligence, credit infrastructures, and test automation within the fintech ecosystem.

By offering end-to-end technology solutions to key players in the industry, we empower new entrants in the ecosystem to design their financial futures and achieve growth, while continuing to be a reliable technology partner for everyone.

As we strengthen our journey, we are looking for new team members to join our dynamic work environment and share their enthusiasm and expertise with us. If you are eager to work in an innovative setting, we look forward to your application!

Basic Qualifications;

• Bachelor’s Degree in Computer Science, Computer/Math Engineering, MIS, or a related technical discipline,
• 2 or more years of experience in Application Security, Penetration Testing,including a thorough understanding of issues documented in the OWASP Top Ten and CWE Top 25,
• Demonstrated ability to exploit and mitigate application-level vulnerabilities,
• Experience conducting software security reviews using a combination of source code inspection, manual testing, and automated scanning,
• Deep understanding of web application security and mobile application security,
• Deep understanding of application security design and security architecture,
• Having a deep security analyst mindset and using best practice knowledge from an attackers point of view to detect, identify and respond to security events, known and unknown threats with effective management of response plans, across the security platform lifecycle in line with information security policies,
• Vulnerability management program and penetration testing activities for internal, and external assets, planning, scheduling, reporting, remediation, false positive check and verification activities,
• Strong understanding of Software Development Life Cycle (SDLC) with a focus on security,
• Hands-on experience with DAST, SAST, SCA tools, and DevSecOps processes,
• Experience with offensive tools and platforms, Exploiting vulnerabilities and misconfigurations,
• Ability to understand and assess applications from both a technical and business function perspective,
• Effective communicator with experience of working in a fast paced dynamic environment, where prioritization is key to success,
• Capable of working to strict deadlines and prioritising work appropriately,
• Excellent written skills with demonstrated ability to write reports. Including the ability to discuss findings in a risk perspective with clear remediation advice,
• Excellent problem-solving and analytical skills,
• Good Incident Management/Response,
• Good organizational skills with attention to detail and time management skills,
• Having project management skills.

Responsibilities;

• As part of the team, you'll be responsible for shaping, executing penetration testing engagements to identify security weaknesses within client's IT environments, reporting on vulnerabilities and making recommendations for their remediation,
• Work with other development teams to ensure that they make safe architectural and implementation choices,
• Constantly poke and abuse our software to find bugs before attackers do,
• Provide application security concept reviews and help socialize application security best practice,
• Provide support for application security incidents and operations,
• Performing, overseeing, improving and providing feedback on the services offered,
• Designing a program and creating Standard Operating Procedures, Rules of Engagement, Testing Methodologies,
• Conducting advanced penetration testing exercises (Network, Web Application, Mobile and Cloud),
• Identifying and exploiting vulnerabilities and mis-configurations,
• Reporting finding and developing pragmatic recommendations with the product ecosystem in mind,
• Developing, extending, or modifying exploits, shellcode, or exploit tools,
• Ability to identify attack paths for lateral movement and privilege escalation,
• Reducing attack surface of the organization.

For details

• Visit: https://www.paramtech.com.tr/tr/
• Follow us on LinkedIn: https://www.linkedin.com/company/paramtech/
• Follow us on Medium: https://medium.com/paramtech
• Follow us on Instagram: https://www.instagram.com/paramtech.com.tr/
• Follow us on X: https://x.com/paramteknoloji

"Perks Awaiting You at Param!"

🚗 Road Support

🍽️ Meal Support

🏥 Personalized Health Insurance

🎂 Birthday Leave

🎁 Welcome Kit

👋 Buddy Program

💻 Training through ParamHub

🍹 Fun Breaks

💳 ParamCard Benefits

🏆 Param Advantages

🌟 Referral Bonus

📚 Report Card and First Day of School Leave

👶 Welcome Gift for New Family Members

🎙️ Employee Feedback Program

" 6698 sayılı Kişisel Verilerin Korunması Kanunu kapsamında işlenen kişisel verileriniz ile ilgili detaylı bilgilendirmeye https://hr.param.com.tr/tr/aydinlatma-metni adresinde yer alan aydınlatma metnimizden ulaşabilirsiniz."