Bayt.com
https://bayt.page.link/v1TUmrkCw1dqRip19
أنشئ تنبيهًا وظيفيًا للوظائف المشابهة

الوصف الوظيفي

Main Job Responsibilities:

  • Plan and conduct black-box, white-box, and gray-box penetration testing
  • engagements on our systems, networks, and applications, identifying vulnerabilities using tools like Burp Suite and Metasploit.
  • Exploit identified vulnerabilities to assess potential impact, including privilege escalation, lateral movement simulations, and proof-of-concept development.
  • Collaborate with developers to remediate vulnerabilities through clear reporting, code reviews, secure coding practices, and retesting.
  • Document findings, develop security reports, and present them to relevant stakeholders.
  • Stay updated on the latest hacking techniques, threats, vulnerabilities, and remediation strategies.
  • Provide recommendations and knowledge transfer to internal staff to boost our overall security competence.
  • Continuously improve the organization security posture by creating, developing,
  • maintaining, and automating new attack tactics and tools. Monitor and research emerging threats to integrate them into the testing methodology.
  • Promote security awareness and best practices throughout the organization.
  • Design and execute penetration testing engagements aligned with SOC 2 compliance requirements.
  • Gather and document evidence to support the effectiveness of security controls for our annual SOC 2 audit.
  • Collaborate with third-party auditors during the SOC 2 audit process to address findings and demonstrate security posture.


المهارات

Requirements

Needed Competencies:

  • Excellent communication skills to convey technical findings to both technical and non-technical audiences.
  • Ability to manage multiple projects, prioritize tasks, and meet deadlines under pressure.
  • Actively listen to and understand the concerns and priorities of stakeholders from different areas of the organization.
  • Foster a collaborative environment where security is viewed as a shared responsibility.
  • Effectively mentor and train security best practices to internal teams (developers, operations, etc.).


Knowledge, skills and abilities:

  • Familiarity with security tools like OpenVas, Burp Suite, OWASP ZAP, and Metasploit.
  • Network security concepts (firewalls, IDS/IPS, network protocols).
  • Web application security principles (OWASP Top 10) and testing methodologies.
  • Mobile application security testing for Android and iOS.


Preferences:

  • Offensive Security Certified Professional (OSCP) or equivalent certification
  • Experience in cloud penetration testing (e.g., AWS, Azure, Mendix)
  • Demonstrated expertise in identifying and mitigating data exfiltration vulnerabilities across application layers and integration points.
  • Experience in code review for control flow and security flaws.
  • Experience in low-code/no-code application security testing (a plus).
  • Understanding of security standards and frameworks, such as MITRE ATT&CK, Cyber Kill Chain, OWASP Top Ten, and general security best practices.
  • Hands-on experience with security frameworks (NIST, ISO27001, etc.) and risk assessment methodologies.
  • Experience with scripting languages (Python, Bash) for automating penetration testing tasks.
  • Familiarity with security automation tools.
  • Excellent written and verbal communication skills to convey technical findings to both technical and non -technical audiences.
  • Ability to manage multiple projects, prioritize tasks, and meet deadlines under pressure.

Education:

Bachelors degree (or equivalent experience) in a related field (e.g., computer science, information security)


Experience:

  • 3+ years of experience in penetration testing or a related security discipline
  • 2+ years of experience with vulnerability management tools and processes


تفاصيل الوظيفة

منطقة الوظيفة
عمان الأردن
قطاع الشركة
خدمات تكنولوجيا المعلومات
طبيعة عمل الشركة
صاحب عمل (القطاع الخاص)
الدور الوظيفي
تكنولوجيا المعلومات
نوع التوظيف
دوام كامل
الراتب الشهري
غير محدد
عدد الوظائف الشاغرة
1
تحميل... أرسل إلى صديق قم بإضافة رسالة تعريفية جديدة إتمام الإستبيان
Avertra logo
متابعة الغاء المتابعه

Avertra is a global integration services, product development and consultancy organization focused on the energy and utilities industry. We attract and hire the industry’s most innovative and experienced problem solvers, each dedicated to our mission of helping our clients realize the full value of their investments in IT and in Avertra. Avertra’s industry-leading process knowledge and technology expertise combined with influences from consumer-centric industries has resulted in the genesis of our innovative User Xperience Unification (UXU) framework, which is available throughout our MiUtility platform of solutions for: -Call center optimization -Omni-channel customer engagement -Mobile work force management -Meter reading And much more!!

أظهر بيانات الشركة

هل تحتاج لمساعدة في إضافة الكلمات المفتاحية المناسبة لسيرتك الذاتية؟

اطلب مساعدة الخبراء لكتابة سيرة ذاتية مميزة.

مساعدة
لقد تجاوزت الحد الأقصى لعدد التنبيهات الوظيفية المسموح بإضافتها والذي يبلغ 15. يرجى حذف إحدى التنبيهات الوظيفية الحالية لإضافة تنبيه جديد
إدارة
تم إنشاء تنبيه للوظائف المماثلة بنجاح. يمكنك إدارة التنبيهات عبر الذهاب إلى الإعدادات.
إدارة
تم إلغاء تفعيل تنبيه الوظائف المماثلة بنجاح. يمكنك إدارة التنبيهات عبر الذهاب إلى الإعدادات.
إدارة