Behavox is shaping the future for how businesses harness their most important raw material - data. Our mission is bold: Organize enterprise data into actionable information that protects and promotes the business growth of multinational companies around the world.
From managing enterprise risk and compliance to maximizing revenue and value, our data operating platform presents a widespread opportunity to build multilingual, AI / ML - based solutions that activate data for every function within a global enterprise.
Our approach is unique, and it’s validated by our customers who tell us to keep forging ahead because no one else is aggregating, analyzing, and acting on data to uncover opportunities or solve problems quite the way we are.
We are looking for fearless innovators who have an insatiable appetite for building what no one has built before.
About the Role
The penetration tester will join the Information Security Assurance team and will be covering the day to day penetration test and vulnerability scanning activities. The penetration tester will actively exploit vulnerabilities and then help to develop solutions that will secure the enterprise and Behavox Product. This is a great opportunity for a talented professional to:
1. Work on interesting In-house software development
2. Contribute to a newly formed information security team
3. Support a multiple-award winning product at the cutting edge of applied AI/ML
What You'll Do
- Developing and executing formal web application security testing plans to ensure the delivery of quality software applications. Involved in test planning, preparation and communication with the development team prior to security test execution.
- Perform web application/network attack & penetration (A&P) testing to find security issues such as risks, defects, and logical errors.
- Collects and analyzes security data from manual, automatic and static source review, and integrates them to find the best way to address security issues to meet the needs of the business.
- Document all issues and assists in their resolution. Delivers security training and education to technical staff within findings and acts as an internal security consultant to advise or influence business or technical partners.
- Provide quality web application security audits across the various IT functions to ensure quality standards, procedures and methodologies are being followed.
What You'll Bring
- 2+ years of Red Team or Ethical Hacking experience
- Expert knowledge of web application security testing Processes and Strategies
- Working knowledge of web application security testing Tools - Acunetix, Nessus web vulnerability scanners, Burp Suite/Zen Attack Proxy/ etc…
- Demonstrate proficiency with OWASP Top 10 application security list and standard.
- Demonstrate proficiency with development frameworks and languages - Java/Python etc…
- Demonstrate proficiency in writing secure code.
- Write technical reports based on security findings.
- Provide delivery of specific vulnerability management and penetration testing services including: Network, Operating Systems (Linux, Windows), Application, Mobile and Wireless
About Our Process
We take Talent very seriously and we are building a community of extraordinary individuals working together in very high performing teams. We also know that the best Talent always has options so we believe that the process has to be a two way assessment - the company AND the candidate assessing the business needs alignment, the career next step alignment, and the cultural alignment.
During the process we will begin by exploring the core factors regarding salary and location along with core experience and skills and values alignment. We will then deep dive explore the critical technical competencies we have identified for the role, and then we will deep dive in behavioral competencies.
The most aligned candidate will then be asked to do a practical work task simulation activity so we can make sure that you will enjoy the kind of work the role requires, and this task will typically be presented and discussed with a group of colleagues and managers. Finally we will ask you to meet with a number of our senior leaders to make sure that you are making the most informed call possible.