Open position at NN IT HUB Prague
Penetration Tester
- Work schedule
- Full-time
- Address
- Karla Engliše 3201/6, 150 00 Praha 5-Smíchov, Česko
We are a team of international IT security professionals and ethical hackers with deep knowledge of application security and real curiosity of how things work. We are looking for a Penetration Tester who will help us to find security vulnerabilities of web/mobile applications, underlying (cloud/traditional) infrastructure, and help to simulate various cyber-attack scenarios. We are offering a high degree of autonomy. Your professional growth will be actively supported with opportunities to take part in domain-relevant training and conferences. If you have a higher goals, there's a possibility to become a service lead in the near future.
Job is closed for applications
Your typical day will be about:
Perform penetration tests of web or mobile applications (DAST)
- Perform secure source code reviews (SAST) of a web or mobile applications
- Plan and execute scenario-based tests simulating selected threat
- Verification of responsible disclosure submissions
- Knowledge transfer to application developers
- Mentoring of junior colleagues
- Work on improvement of the Penetration Testing services
What do you need for this role?
Need to have:
Experience with application penetration testing according to the OWASP ASVS standard
- Certification from Offensive Security (OSCP, OSWE)
- Good English communication skills
- Good understanding of security principles and web technologies
- Experience with source code review or mobile application or infrastructure testing
- Curiosity, Problem solving attitude, willingness to always learn more
Nice to have:
Experience with developing web applications (preferably .NET languages, Java, and JavaScript)
- Experience with SSDLC, cloud security or DevSecOps
- Ability to transfer knowledge to other team members and penetration tests requestor
- Community contributions like development or improvement of domain-relevant tooling, CTF writeups, published security research in form of a blog, CVE advisories, or in other public form
Why join us?
You can be part of an internal security team which has impact on the quality of corporate environment
- Possibility to improve your hard and soft skills via trainings and certifications
- International team – possibility to use English on daily bases
- New modern office in the Anděl, however nowadays we're working mostly from home
- Other benefits such as language courses, iPhone 11, MultiSport Card, Cafeteria program...
I base everything I do on human values. Our values Care, Clear and Commit have always been close to my heart.
Does it sound like a #dreamjob to you? Let us know, we are looking forward to talk to you! 👍
Job is closed for applications