ENCODE is seeking a Security Assurance Consultant / Penetration Tester to join the growing Threat Labs Team. The scope of this role includes performing the full cycle of engagements including scoping, information gathering, vulnerability discovery, exploitation, and reporting. The engagements will include internal, external, web and mobile applications, e-Social engineering tests, both on-site and off-site.
Responsibilities
- Prepare, plan and coordinate the execution of penetration tests
- Perform vulnerability discovery
- Determine the feasibility of particular sets of attack vectors
- Attack and exploit targets in line with the rules of engagement
- Identify and exploit high-risk vulnerabilities that may result from a combination of lower-risk vulnerabilities
- Interface with developers and security teams, in order to communicate/explain findings, and provide potential recommendations to remediate the identified issues
- Compile clear and precise technical assessment reports
Requirements
- MSc/BSc in either Computer Science, Information Security, Information Technology or Computer Engineering
- At least 3 years of professional experience performing Penetration Tests or Internal Technical Security Audits. Experience can be superseded by demonstration of solid understanding of vulnerability identification / exploitation
- Good understanding of web application security concepts and the methodology surrounding their identification / exploitation
- Good understanding of network routing and switching fundamentals
- Familiarity with penetration testing methodologies and tactics (PTES, OWASP testing guide)
- Proficiency in Windows amp; *nix platforms
- Experience with at least one of the following scripting languages: Python, C#, PowerShell, C/C++, Bash
- Strong ethics and understanding of ethics in business and information security
- Excellent written and verbal communication skills both in English and Greek
- Ability to work as part of a team and on own initiative
Nice to have:
- At least one of the following certifications: GPEN, GWAPT, GXPN, GCIH, OSCP, CREST CRT or other equivalent certifications
- IT / DevOps background
- Active Directory administration knowledge
- Cloud infrastructure (AWS / Azure / GCloud)
Benefits
- International working environment
- Get involved in challenging and exciting projects
- Competitive salary and benefits
- Rapidly growing company with opportunities for career growth