Job Title : Penetration Test Engineer
Work location: Philippines
Need Status : Moderate
Recruitment requirements
1. More than 5 years experience in security industry;
2. Possess the independent penetration ability of high-weight websites;
3. Familiar with OWASP TOP 10 related attacks and prevention methods, able to conduct black box penetration testing, malicious code detection and analysis;
4. Proficient in the principles and defense methods of common web/mobile terminals (such as XSS, CSRF, DDoS, etc.), systems, and business vulnerabilities, and can independently discover and repair the above-mentioned vulnerabilities;
5. Proficiency in a programming language, such as Java, PHP, Python, etc.; proficiency in the use of security testing related tools, including but not limited to NMAP, SQLMAP, NESSUS, APPSCAN, HASHCAT, FORTIFY, etc., can conduct comprehensive vulnerability mining for applications ;
6. Have a good sense of responsibility, teamwork spirit, professionalism, communication skills and document writing skills;
7. Familiar with mainstream security technologies, such as network security, host security, application security, encryption technology, etc.;
8. Have a certain document foundation, and can independently complete the evaluation report of the relevant system and the analysis report of the security incident;
9. Certificates such as CISP and CISSP are preferred.
Job Responsibilities
1. Responsible for WEB/APP mobile terminal security black box testing, such as SQL injection, XSS attack, command injection, CSRF attack, upload vulnerability, parsing vulnerability, business logic vulnerability and malicious code detection and analysis, URL redirection, phishing, common Exploitation and repair of web security vulnerabilities;
2. Proficient in Trojan horse avoidance, program reverse, and can independently analyze backdoor files;
3. Familiar with the principles of protective equipment such as waf and ips, and be able to bypass protective equipment for the environment;
4. Proficient in social engineering attacks, able to carry out social engineering attacks in a highly secure penetration environment, including but not limited to cast-net phishing and directional deception.
company benefits
1. Remote home, the working hours are from Monday to Saturday, and the week is off. There is no need to clock in, and there is no requirement to work for 8 or 9 hours a day. The main purpose is to communicate and respond to work needs. Generally, there are more communications from afternoon to evening a little
2. It is required to be in the Philippines, and those who are not can arrange to come to the Philippines
3. Guaranteed minimum salary of 13 at the end of the year, working from home in the Philippines
4. Housing allowance + meal allowance = 24000p
5. Take Chinese holidays, the annual leave varies from 3 to 15 days
To apply for a position, please contact:
Email : grace@funjobs.careers
WeChat : grace5348
Telegram: @grace5348
contact number : +6011 5755 4203