Job ID
25460
Job Title
penetration tester
To work for
Confidential
Country
Syria
City
Damascus
Field of Work
IT Software/IT Security
Job Type
Full time
Military service
Finished or Exempted (For male)
Minimum Education Level
Bachelor/ License Degree
Responsibilities
1-Planning and performing relevant penetration tests on computer systems, networks or web-based applications
2-Designing and implementing new penetration testing tools and techniques that can be deployed during Penetration testing on behalf of the client
3-Conducting a physical security assessment of an organisations systems, including servers and networks, ensuring that any unauthorized external physical interference is not possible
4-Pinpointing the methods that attackers would use to gain access to the clients systems and underlying data, identifying exploits and weaknesses within the organisations IT Security defences.
5-Uncovering inadequate security practices, password policies and other human errors using social engineering techniques. Recommending processes and procedures to mitigate against human error in future.
6-Ensuring that file, directory and login permissions are restricted to those that need access to them and no one else
7-Collate all findings together into a formal document with the report highlighting all issues uncovered together with recommended remedial actions that should be taken by the client.
8-Present the penetration testing findings to all interested parties such as senior IT management, directors and their impacted teams. Explaining the details of the individual findings, where required, and your experience and recommended next steps
9-Highlight the project scope and requirements necessary for the organisation to patch, fix and isolate any of these newly discovered IT security flaws. Training, or indeed re-training, of the impacted systems users, may also be necessary. This work should take place alongside the creation of new documentation supporting both new and existing systems going forwards.
10-Recommending a process of penetration and vulnerability testing that the organisation could carry out themselves in future. Penetration and vulnerability testing of the live or production environment on a regular basis is necessary in order to maintain a secure environment as new threats and exploits emerge.
11-should be able to verify the client’s remedial actions, providing feedback and verifying their fixes to any highlighted security issues. Often a final Penetration Test will be necessary to confirm success
2-Designing and implementing new penetration testing tools and techniques that can be deployed during Penetration testing on behalf of the client
3-Conducting a physical security assessment of an organisations systems, including servers and networks, ensuring that any unauthorized external physical interference is not possible
4-Pinpointing the methods that attackers would use to gain access to the clients systems and underlying data, identifying exploits and weaknesses within the organisations IT Security defences.
5-Uncovering inadequate security practices, password policies and other human errors using social engineering techniques. Recommending processes and procedures to mitigate against human error in future.
6-Ensuring that file, directory and login permissions are restricted to those that need access to them and no one else
7-Collate all findings together into a formal document with the report highlighting all issues uncovered together with recommended remedial actions that should be taken by the client.
8-Present the penetration testing findings to all interested parties such as senior IT management, directors and their impacted teams. Explaining the details of the individual findings, where required, and your experience and recommended next steps
9-Highlight the project scope and requirements necessary for the organisation to patch, fix and isolate any of these newly discovered IT security flaws. Training, or indeed re-training, of the impacted systems users, may also be necessary. This work should take place alongside the creation of new documentation supporting both new and existing systems going forwards.
10-Recommending a process of penetration and vulnerability testing that the organisation could carry out themselves in future. Penetration and vulnerability testing of the live or production environment on a regular basis is necessary in order to maintain a secure environment as new threats and exploits emerge.
11-should be able to verify the client’s remedial actions, providing feedback and verifying their fixes to any highlighted security issues. Often a final Penetration Test will be necessary to confirm success
Qualifications
Certified Ethical Hacker (CEH)
Specific Vacancy Requirements
1-Expertise with penetration testing or offensive security testing
2-Expertise with Linux Windows and Mac operating systems
3-Strong knowledge of TCP/IP & UDP protocols and networking design/architecture
4-Proficiency with security tools such as Metasploit, Burp Suite, Cobalt Strike, and Kali Linux
5-Strong knowledge of the functionality and capabilities of network defense technologies, such as ACLs, firewalls, IDS/IPS, antivirus, and web content filtering
6-Experience with wireless exploitation techniques and tools
7-Expertise with application-based penetration testing
8-Experience with multi-vector penetration testing using exploitation frameworks
9-Experience with reverse engineering or exploit development
10-An analytical mind with the ability to respond quickly to findings
11-You will need to be organised, efficient and able to work unsupervised under your own initiative
12-Good written and verbal communication skills
13-Good customer service skills are beneficial because penetration testers may provide results or information to clients.
2-Expertise with Linux Windows and Mac operating systems
3-Strong knowledge of TCP/IP & UDP protocols and networking design/architecture
4-Proficiency with security tools such as Metasploit, Burp Suite, Cobalt Strike, and Kali Linux
5-Strong knowledge of the functionality and capabilities of network defense technologies, such as ACLs, firewalls, IDS/IPS, antivirus, and web content filtering
6-Experience with wireless exploitation techniques and tools
7-Expertise with application-based penetration testing
8-Experience with multi-vector penetration testing using exploitation frameworks
9-Experience with reverse engineering or exploit development
10-An analytical mind with the ability to respond quickly to findings
11-You will need to be organised, efficient and able to work unsupervised under your own initiative
12-Good written and verbal communication skills
13-Good customer service skills are beneficial because penetration testers may provide results or information to clients.
Salary and Benefits
....
About us
.....
Required employees number
3
Posted On
Apr 05, 2021
Expiry Date
May 05, 2021
CV Language
English