Senior Penetration Testing
Who Are We? At SecureLayer7, we aim at solving challenging cybersecurity problems and hurdles faced by organizations. We bring bright minds together to provide a smooth experience in cybersecurity and achieve our vision by making organizations secure from cyber attacks. Our skilled pentesters and security engineers work on the project from a cryptocurrency exchange to IoT devices. SecureLayer7 is maker of cybersecurity products namely AuthSafe and BugDazz. About Job We send a signal - “w00t w00t” whenever we find a critical vulnerability. Our vision brings the most talented & experienced security consultants in the industry & this right opportunity to grow professionally. We have a professional development training plan where you can apply for OSCP certification after completion of 6 months of Internship. Who are you & What You Will Do Yourself a passionate Pentester who knows your way around finding vulnerabilities in digital assets. You may have found the critical to low vulnerabilities or zero-days vulnerabilities responsibly disclosed & presented at conferences or infosec groups. You have submitted multiple exploits on Public exploit repository websites. You like to create vulnerability labs for practicing the latest vulnerabilities & keeping yourself updated with the latest vulnerabilities. You like to play around with Linux, Windows machines to bypass the existing security feature by writing shell scripts or existing tools. With SecureLayer7, you will be assigned a mission to pentest Web, Binary (RE), Mobiles apps, Source code audit, application architecture review, Cloud infrastructure (AWS, GCP, Azure), & Ethereum Smart contract audit. Somedays, you will be assigned to work on research on the latest vulnerabilities & preparing the research paper about it. You will be given to work on Red assessment for accessing physical devices to compromise the data center. Few Days, you will be performing the source code audit & ETH smart contract audit. And regularly, you will be working on Web, Mobile & infra penetration testing. Every day you will be learning something new about infosec. Willingness to travel up to 40% as needed. Note: Currently HIGHLY limited due to COVID-19 As Pentester, you will be responsible for writing detailed reports & providing mitigation opinions to customers. You will be mentoring a JUNIOR Security consultant. Education Qualification None, we love to work with skilled & passionate people. Overview of Technical Skills
- 2 - 5 Years of experience in OWASP top 10 - Web, Thickclient & Mobile.
- Red assessment knowledge : Social engineering & exploit development.
- Great communication skills (i.e.written and verbal) - Working in team to find vulnerabilities
- As remote work, the self-discipline to work independently.
- Knowledge of TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred
- Knowledge of at least one programming language such as java, c#, c, c++
- Knowledge of at least one scripting language such as python, shell script, javascript and good command to write automated tools & scripts during the Pentesting process.
- Candidate Must be able to write their own tools & scripts as when required
- Advanced knowledge of multiple operating systems (Windows, Linux, BSD, etc)
Good to have
- HacktheBox Profile
- BugBounty Profiles
- Github Link
- Personal Blogs Link
- OSCP/E, GWAPT, or GPEN certifications
- CTF Player
Apply tot his job Apply To this Job