Publisert i: IT i Sofia | Posted: |
Offensive Cyber Security Consultant (Penetration Tester / Ethical Hacker)
Nordic Recruitment & Consulting offers efficient IT and rare language recruitment and business consulting in Bulgaria - and beyond.
Having long experience in recruitment we value above all those things that make us successful because of our clients, candidates and partners success: trustworthiness, good communication, Can do-attitude, finding solutions, being flexible; being available. We also have genuine passion for what we do.
• Being responsible for application and infrastructure penetration testing, supporting external vulnerability reports and overall vulnerability management
• Performing penetration testing and vulnerability assessment coverage across the global organization
• Performing independent manual penetration tests of cloud and global IT infrastructure, web application, APIs, and IOT devices in our warehouse and logistics centers
• Working with external vendors when third party penetration reports are required
• Reviewing all applicable threats, discover vulnerabilities and collaborate with remediation treatment owners to remediate identified vulnerabilities.
• Preparing vulnerability data and develop comprehensive, accurate reports and presentations for both technical and executive audiences
• Researching the latest security best practices and technologies, staying abreast of new threats and vulnerabilities and helping disseminate this information within the groups at the company
• Supporting the capabilities of our vulnerability management service including vulnerability scans, penetration tests, security assessments, application security testing, and configuration management
You’ll be a great fit if you have:
• 3+ years of strong hands-on experience in application and network penetration testing, network vulnerability assessment vulnerability risk management
• Strong understanding of vulnerabilities, common attack vectors and has attacker mindset
• Experience using vulnerability scanning software such as Nessus, teanable.io, tenable.sc, or similar
• Strong technical understanding of CVSS, OWASP Top 10, SANS top 25, and Vulnerability Exploitability ratings.
• Experience with Splunk and Splunk Enterprise Security is a plus.
• Preferred Certifications: SANS, CEH, OSCP, OSCE, OSWE, GWAPT, GPEN, GXPN, or equivalent certification, work experience, or skills.
• Knowledge of programming and the ability to automate tasks in at least one language, including but not limited to Ruby, Python, Powershell, or BASH.
• Familiar with Metasploit, Burp Suite, Nmap, and security assessment focused Linux distributions, such as Kali.
- 3 000 - 5 000 BGN/Month
- 1 800 - 3 000 BGN/Month
- 1 000 - 1 500 BGN/Month
- 1 800 - 2 700 BGN/Month
- 2 200 - 3 500 BGN/Month