RESPONSABILITIES
Your main challenges are most probably within the following scope:
​
• Assist your team leader in assuring the corporate security policy is suitably in place;
• Conduct physical security assessments of servers, systems and network devices;
• Perform formal penetration tests on web-based applications, networks and computer systems;
• Design and create new penetration tools and tests;
• Probe for vulnerabilities in web applications, fat/thin client applications and standard applications;
• Pinpoint methods that attackers could use to exploit weaknesses and logic flaws;
• Employ social engineering to uncover security holes (e.g. poor user security practices or password policies);
• Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies;
• Research, document and discuss security findings with management and IT teams;
• Review and define requirements for information security solutions;
• Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets;
• Provide feedback and verification as an organization fixes security issues.
REQUIREMENTS
Degree Requirements
​
We expect you to hold a bachelor or master’s degree in engineering fields or related.
​
​
Hard Skills
​
Our team members are mostly familiar with:
​
• Windows, UNIX and Linux operating systems;
• C, C++, C#, Java, ASM, PHP, PERL;
• Network servers and networking tools (e.g. Nessus, nmap, Burp, etc.);
• Computer hardware and software systems;
• Web-based applications;
• Security frameworks (e.g. ISO 27001/27002, NIST, HIPPA, SOX, etc.);
• Security tools and products (Fortify, AppScan, etc.);
• Vulnerability analysis and reverse engineering;
• Metasploit framework;
• Forensics tools;
• Cryptography principles.
​
​
Soft Skills
​
As for most of positions at Trust, we value creativity, problem-solving and analytical thinking. Communication skills are essential, including the ability to document your processes (writing reports and assessments).