While working with us, you will actively co-create Cyber Defence eXercise Platform. CDeX https://cdex.cloud/ is a unique and practical product developed for constant growth of efficiency and speed in response for a variety of incidents connected with cybersecurity.
Penetration Tester role includes:
Preparing cyber-attacks scenarios;
Designing and programming tools needed to support Red Team operations;
Co-creating cybersecurity training contents;
Conducting penetration tests for networks, systems and applications;
Searching for weaknesses in the software;
Active participation in preparing CDeX activities and gameplay;
Acting as a consultant in penetration tests and security audits topics;
Defining the range of penetration tests.
Skills you need to have:
3 years of previous experience on a similar position;
Penetration testing methodologies’ knowledge;
Systems, networks, web and mobile applications safety knowledge along with awareness of methods off attacks on them;
Very good skills connected with networks and TCP/IP protocols;
Practical knowledge of Microsoft Windows i Linux environment;
Good coding skills in at least one of the coding language;
Experience with one of the command&control servers: Metasploit, Empire, Silent-Trinity, Cobalt Strike, Koadic;
Ability to create exploits resilient on DEP, ASLR etc.;
Cryptology and cryptographic mechanisms weaknesses knowledge;
Familiarity with avoiding security systems methods (AV, IDS/IPS, etc.);
English language knowledge min. B2.
Nice to have:
Certificates: CEH, OSCP, OSCE, GPEN, GXPN, GWAPT or similar;
Good knowledge of social engineering tests;
Acquittance of Wi-Fi networks weaknesses and their methods of operation;
Experience with testing SCADA systems;
Experience in Red Teaming;
Examples of self-detected weaknesses in code;
Active participation in challenges like CTF.
We offer:
Full time employment contract or B2B – your choice!
Ability to work 100% remote or from our Poznan office;
Working with interesting and innovative project https://cdex.cloud/;
Working with international clients;
Training budget;
Ability to use Red Team knowledge base and work with the newest technologies.