Bayt.com
https://bayt.page.link/v1TUmrkCw1dqRip19
العودة إلى نتائج البحث‎

Penetration Tester

اليوم 2024/11/22
للمواطنين السعوديين
الوظائف المتاحة عدد 2
دوام كامل
100-499 موظف · أمن المعلومات و الشبكات

حمّل تطبيق بيت.كوم

حمّل تطبيق بيت.كوم لإدارة مراسلاتك الفورية مع خبير التوظيف
حمّل التطبيق
أنشئ تنبيهًا وظيفيًا للوظائف المشابهة

الوصف الوظيفي

  • Experience in the range 2-3 yrs
  • Hands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network.
  • Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools.
  • Work closely with application, network and infrastructure teams when performing tests against new or existing systems
  • Use manual techniques to exploit identified vulnerabilities like cross-site scripting, SQL injections, session hijacking and buffer overflows to obtain controlled access to target systems
  • Validate vulnerability assessment results where appropriate, prioritize the remediation requirements and work with network, infrastructure and desktop teams to address security problems
  • Perform exploit analysis for identified vulnerabilities manually, with custom scripts or use tools such as Metasploit
  • Work closely with the application development teams, technology teams and the other members of the Information Security team to identify and remediate security issues as part of Incident Response
  • Be a part of the SDLC process for testing of new application systems/infrastructure
  • Participate in multiple organizational areas such as security architecture and design, service delivery, training and client communication.
  • Configure and educate on the use vulnerability assessment scanners (ex: Qualys, Nessus, Nmap, Metasploit, Snort, Nexpose, etc)
  • Create, maintain and report metrics that measure effectiveness of various security controls.
  • Document areas of significant exposure to information systems and recommend solutions.
  • Develop and maintain a formal reporting process highlighting results, conclusions, and recommendations which can be viewed by peers and senior management
  • The ability to articulate risks and findings to management
  • Experience in preparing a security threat model and associated test plans.
  • Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results.
  • Knowledge of current information security threats. Good understanding of coding best practices and standards.
  • In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred.
  • Excellent communication skills both written and verbal.
  • Critical thinking and good problem-solving abilities.
  • Organized in planning and time management skills are preferred.
  • Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional) is desirable.


المهارات

  • Experience in the range 2-3 yrs
  • Hands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network.
  • Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools.
  • Work closely with application, network and infrastructure teams when performing tests against new or existing systems
  • Use manual techniques to exploit identified vulnerabilities like cross-site scripting, SQL injections, session hijacking and buffer overflows to obtain controlled access to target systems
  • Validate vulnerability assessment results where appropriate, prioritize the remediation requirements and work with network, infrastructure and desktop teams to address security problems
  • Perform exploit analysis for identified vulnerabilities manually, with custom scripts or use tools such as Metasploit
  • Work closely with the application development teams, technology teams and the other members of the Information Security team to identify and remediate security issues as part of Incident Response
  • Be a part of the SDLC process for testing of new application systems/infrastructure
  • Participate in multiple organizational areas such as security architecture and design, service delivery, training and client communication.
  • Configure and educate on the use vulnerability assessment scanners (ex: Qualys, Nessus, Nmap, Metasploit, Snort, Nexpose, etc)
  • Create, maintain and report metrics that measure effectiveness of various security controls.
  • Document areas of significant exposure to information systems and recommend solutions.
  • Develop and maintain a formal reporting process highlighting results, conclusions, and recommendations which can be viewed by peers and senior management
  • The ability to articulate risks and findings to management
  • Experience in preparing a security threat model and associated test plans.
  • Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results.
  • Knowledge of current information security threats. Good understanding of coding best practices and standards.
  • In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred.
  • Excellent communication skills both written and verbal.
  • Critical thinking and good problem-solving abilities.
  • Organized in planning and time management skills are preferred.
  • Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional) is desirable.


تحميل... أرسل إلى صديق إتمام الإستبيان
CybersecIT Consulting logo

We are a professional Cyber Security and Consulting services company headquartered in UAE to cover the India, Middle East, Africa, and Levant Market, is a global provider of Cyber Security Professional Services, Remote Support, Certified Training, Outsourcing, Assessment, and Consulting Services, as well as solution to offer the Security Operations Centre (SOC) and Managed Security Services (MSS).

أظهر بيانات الشركة
لقد تجاوزت الحد الأقصى لعدد التنبيهات الوظيفية المسموح بإضافتها والذي يبلغ 15. يرجى حذف إحدى التنبيهات الوظيفية الحالية لإضافة تنبيه جديد
إدارة
تم إنشاء تنبيه للوظائف المماثلة بنجاح. يمكنك إدارة التنبيهات عبر الذهاب إلى الإعدادات.
إدارة
تم إلغاء تفعيل تنبيه الوظائف المماثلة بنجاح. يمكنك إدارة التنبيهات عبر الذهاب إلى الإعدادات.
إدارة