[MSO] Pentester
Kraków, Poland
Software Mind
A software house that provides software development services to boost product engineering and digital transformation capabilities.Company Description
Software Mind develops solutions that make an impact for companies around the globe. Tech giants & unicorns, transformative projects, emerging technologies and limitless opportunities – these are a few words that describe an average day for us. Building cross-functional engineering teams that take ownership and crave more means we’re always on the lookout for talented people who bring passion and creativity to every project. Our culture embraces openness, acts with respect, shows grit & guts and combines employment with enjoyment.
Job Description
Project - the aim you'll have:
You will be a part of the team carrying out penetration tests for clients in the BeNeLux market. You will be a member of one of four teams of seven people carrying out projects for a wide range of companies in both T&M and Fix price models.
Position - how you'll contribute:
- Conduct comprehensive penetration testing across various platforms.
- Perform risk analysis to identify and mitigate security issues leading to data loss or theft.
- Identify security breaches, implement corrective actions, and devise strategies to prevent future incidents.
- Writing test reports
Qualifications
Expectations - the experience you need:
- Able to assess the attack surface of a client and creating a threat model based on that information. This serves to determine which entries an application offers for an attacker to exploit vulnerabilities.
- Performing penetration tests (using a white-box, grey-box, or black-box methodology) by using hands-on testing and preferable by reviewing source code for security vulnerabilities. These penetration tests can be aimed at web applications, mobile applications on Android and iOS, and various other software and hardware.
- Categorizing vulnerabilities found in applications by determining the right risk, impact, and probability so that a customer can determine to what extent such a vulnerability poses a threat that may need to be addressed earlier on.
- Defining vulnerabilities by being able to describe what a specific vulnerability is all about and how it manifests itself in a customer's application. Furthermore, what the risk, probability and impact of this vulnerability is as well as giving recommendations to help a customer solving it or mitigating it as much as possible.
- Being able to describe vulnerabilities on multiple levels. In other words, using simpler and more general terms and omitting jargon in management summaries so that management can also understand the implications of the vulnerabilities, while describing the vulnerabilities in a more technically substantive and in-depth way when addressing security officers or developers.
- Drafting reports in which all levels of an organization (strategic-level management on the one hand and operational parties (for example developers) on the other) are targeted with correct and accurate information specific to them.
- min. 3 years of experience with certifications like OSWE, OSCE etc
Additional Information
Our offer – professional development, personal growth
- Flexible employment and remote work
- International projects with leading global clients
- International business trips
- Non-corporate atmosphere
- Internal & external training
- Private healthcare and insurance
- Multisport card
- Well-being initiatives
Position at: Software Mind Poland
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android Exploit iOS OSCE OSWE Pentesting Risk analysis Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs