Jobs and Careers

TERM: 

Full-time

JOB DESCRIPTION: 

CyberSec LLC is looking for a Web Application Penetration Tester to join its team.

RESPONSIBILITIES: 

- Work with clients to determine their requirements from the test, for example the number and type of applications they would like to test;
- Advise on methods to fix or lower security risks to systems;
- Consider the impact own 'attack' will have on the business and its users;
- Create reports and recommendations from own findings;
- Present own findings, risks and conclusions to both technical and non-technical audiences;
- Understand how the flaws that are identified could affect a business, or business function, if they're not fixed.

REQUIRED QUALIFICATIONS: 

- Bachelor's degree in Information Technology or a related field of study or equivalent experience;
- At least 3 years of professional work experience in a related field;
- Bug Bounty participation (Hackerone, Bugcrowd, Synack, Cobalt);
- Participation in Capture the Flag (CTF) Competitions;
- Speaker experience at International Cyber Security Conferences (Black Hat, DefCon, Bsides, PHDays, ZeroNights);
- Deep understanding of web application attacks, including SQL Injection, XSS, CSRF, XXE, RCE, SSRF, IDOR and other common security issues beyond the OWASP Top 10;
- Experience with testing tools, including Kali Linux, Metasploit, Burp Suite, Dominator;
- Experience scripting in Python, PHP, Ruby, Bash, and Java;
- Experience in configuring Web Servers Like Apache, Nginx, and IIS;
- Experience in finding vulnerabilities in source code, both manually and automatic;
- Basic knowledge of JavaScript and SQL;
- Excellent knowledge of Armenian, Russian and English languages, both oral and written.

Desired Certifications:
- GIAC Penetration Tester (GPEN);
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN);
- Offensive Security Certified Professional (OSCP);
- Certified Ethical Hacker (CEH);
- Licensed Penetration Tester (LPT);
- Mobile and Web Application Penetration Tester (CMWAPT).

APPLICATION PROCEDURES: 

Interested candidates who meet the requirements above and are confident that their background and experience qualify them for the position are welcome to send their resume to: ****@********.** specifying the subject line of the email as "About Web Application Penetration Tester Vacancy". Only shortlisted applicants will be called for an interview.

Please clearly mention in your application letter that you learned of this announcement through Career Center and mention the URL of its website - www.careercenter.am. Thanks.

REMUNERATION/ SALARY: 

Fixed salary plus bonuses

OPEN TO/ ELIGIBILITY CRITERIA: 

Self-driven, hard-working and good team players