[MSO] Pentester

Company Description

Software Mind develops solutions that make an impact for companies around the globe. Tech giants & unicorns, transformative projects, emerging technologies and limitless opportunities – these are a few words that describe an average day for us. Building cross-functional engineering teams that take ownership and crave more means we’re always on the lookout for talented people who bring passion and creativity to every project. Our culture embraces openness, acts with respect, shows grit & guts and combines employment with enjoyment.

Job Description

Project - the aim you'll have:

You will be a part of the team carrying out penetration tests for clients in the BeNeLux market. You will be a member of one of four teams of seven people carrying out projects for a wide range of companies in both T&M and Fix price models.

Position - how you'll contribute:

• Conduct comprehensive penetration testing across various platforms.
• Perform risk analysis to identify and mitigate security issues leading to data loss or theft.
• Identify security breaches, implement corrective actions, and devise strategies to prevent future incidents.
• Writing test reports

Qualifications

Expectations - the experience you need:

• Able to assess the attack surface of a client and creating a threat model based on that information. This serves to determine which entries an application offers for an attacker to exploit vulnerabilities.
• Performing penetration tests (using a white-box, grey-box, or black-box methodology) by using hands-on testing and preferable by reviewing source code for security vulnerabilities. These penetration tests can be aimed at web applications, mobile applications on Android and iOS, and various other software and hardware.
• Categorizing vulnerabilities found in applications by determining the right risk, impact, and probability so that a customer can determine to what extent such a vulnerability poses a threat that may need to be addressed earlier on.
• Defining vulnerabilities by being able to describe what a specific vulnerability is all about and how it manifests itself in a customer's application. Furthermore, what the risk, probability and impact of this vulnerability is as well as giving recommendations to help a customer solving it or mitigating it as much as possible.
• Being able to describe vulnerabilities on multiple levels. In other words, using simpler and more general terms and omitting jargon in management summaries so that management can also understand the implications of the vulnerabilities, while describing the vulnerabilities in a more technically substantive and in-depth way when addressing security officers or developers.
• Drafting reports in which all levels of an organization (strategic-level management on the one hand and operational parties (for example developers) on the other) are targeted with correct and accurate information specific to them.
• min. 3 years of experience with certifications like OSWE, OSCE etc

Additional Information

Our offer – professional development, personal growth 

• Flexible employment and remote work  
• International projects with leading global clients 
• International business trips  
• Non-corporate atmosphere 
• Internal & external training 
• Private healthcare and insurance  
• Multisport card 
• Well-being initiatives 

Position at: Software Mind Poland