Cyber Security Analyst Senior (Vulnerability & Penetration)

Place of work: Bratislava

Job description

  • Perform full cycle engagements of vulnerability assessment.
  • Configure, run and monitor automated security testing tools.
  • Perform manual validation of reported vulnerabilities.
  • Produce actionable vulnerability reports on security testing results.
  • Perform full cycle engagements of penetration testing.
  • Configure, run and monitor automated security testing tools.
  • Execute opportunistic, blended and chained attack scenarios that combine multiple weaknesses to compromise and test in scope assets in the client environments.
  • Perform manual penetration testing of internal & external web application and backend API, internal & external mobile application, internal & external, network, system and additional environments when appropriate.
  • Thoroughly document exploit chain/proof of concept scenarios, and create comprehensive assessment reports that clearly identify root cause and remediation.
  • Produce actionable reports on security testing results.

Other benefits

  • Stability of a strong international company
  • Significantly discounted banking services
  • Extra days off
  • Food stamps in the full amount paid by the employer
  • Contribution to preventive health checks
  • Transport allowance
  • Contribution to the 3rd pillar pension savings
  • Childbirth allowance

Requirements for the employee

Required education

University education (Bachelor's degree)
University education (Master's degree)

Language skills

English - Advanced (C1)

Required experience

3

Personality requirements and skills

  • Experience performing Penetration Test.
  • Ability to identify, describe and report of overall information system risk through ostexploitation activities required.
  • Mastery of commercial and open source security tools required (e.g. Nessus, Nexpose, SAINT, Qualys, Burp, Nmap, Kali, Metasploit, Meterpreter, Wireshark, Acunetix etc.)
  • Thorough understanding of networking principles and how the Internet is built.
  • Thorough understanding of modern Operating Systems (both traditional and mobile).
  • Understanding of the attacker mindset, threat attack vector, Kill Chain and how attackers own targets.
  • Knowledge of network security zones, firewall, IDS, LB, Proxy, WAF, SSL Terminator, etc.
  • Experience on custom scripts development and programming language (i.e. Python, Perl, Bash, SQL, C/C++, Poweshell, Javascript, Java, etc.).
  • Comprehensive English verbal and written communication skills required.
Start date:
Contract type: full-time
ID: 2996745       Expected date of completion of the selection process:

Information about the selection process

If you are interested in this job offer, click on "Send CV to the company", fill in the application form and attach your CV.

We appreciate all applicants for their interest. After careful review of resumes, we will contact only candidates advancing to the next round. Thank you for your understanding.

If you know someone who might be interested in this job offer, please click on "Poslať ponuku známemu". You might give him/her an opportunity to start a successful career in our bank.

Thank you.
ID: 2996745   Datum zveřejnění: 14.7.2017