Lead Penetration Test Engineer / Threat Analyst (m/f/d) in Infopulse

Пряме повідомлення учасника, який розмістив вакансію, з Infopulse Iuliia Fitsak Iuliia Fitsak Senior Talent Acquisition Specialist @ Infopulse | Recruitment Expertise Infopulse, Part of TietoEvry Create, welcomes a talented professional to join our Security team as a Lead Penetration Test Engineer / Threat Analyst. We are looking for an experienced and responsible professional to be part of our expert team.Areas of ResponsibilityPerforming assessment of overall customer security level and suggest improvementsThreat modellingPerforming penetration testing, vulnerability scanning, secure code reviewsFull scope of penetration testing activities like: WEB applications, desktop applications, infrastructure, mobile applications (iOS, Android), IoT and embedded systems testingSecure development life cycle assessment and improvementsProviding L3 engineer support to the SOC team for complex security incidents, such as ATPManaging internal or external human resources for complex projectsDocumentation of internal methodology, procedures, and operations enhancementMentoring and knowledge sharing with team-matesQualifications5+ years of progressive experience in IT securityGood understanding of computer networks, clouds, security solutions and processesWell-developed administrative skills in OS (Windows and Linux), docker and cloud environments administration including understanding of and experience in security aspectsUnderstanding common security risks for IT infrastructure and it’s componentsThorough knowledge of common vulnerabilities (e.g., infrastructure, WEB, network, IOT)Understanding of common types of WEB security attacks (DNS cache poisoning, ARP spoofing, DDoS, XSS, CSRF, SQL Injection, etc.)Deep understanding of MITRE-stackUnderstanding of threat modelling methodologies (CAPEC, STRIDE, Attack Tree)Knowledge of the international standards and best practices: OSSTMM, NIST, OSSEC, PTES, MS Ent Cloud Red TeamingStrong programming skills in web-related languages including security aspects and best practicesExperience with C, Java, C# and other related languagesStrong cybersecurity analysis and situational awareness skillsExperience in security incidents detection and investigationEnglish: upper-intermediateWill be an advantageProfessional security certifications (e.g., CEH, CISSP, CISM, CISA, OSCP/OSCE)Experience of malware engineering and reverse engineeringLow-level programing skillsPersonal skillsProactive, result-oriented person, who is able to work individually and in a team Show moreShow less Position level Senior secondary level Type of employment Full time Job duties Engineering and Information Technologies Industries IT services and IT Consulting