Job Title : Penetration Test Engineer
Work location: Philippines
Need Status : Moderate
Recruitment requirements
More than 1.5 years experience in security industry;
2. Possess the independent penetration ability of high-weight websites;
3. Familiar with OWASP TOP 10 related attacks and prevention methods, able to conduct black box penetration testing, malicious code detection and analysis;
4. Familiar with the principles and defense methods of common web/mobile terminals (such as XSS, CSRF, DDoS, etc.), systems, and business vulnerabilities, and can independently discover and repair the above vulnerabilities; master a programming language, such as Java, PHP, Python, etc.;
5. Proficiency in using tools related to security testing, including but not limited to NMAP, SQLMAP, NESSUS, APPSCAN, HASHCAT, FORTIFY, etc., can conduct comprehensive vulnerability mining for applications;
6. Have a good sense of responsibility, teamwork spirit, professionalism, communication skills and document writing skills;
7. Familiar with mainstream security technologies, such as network security, host security, application security, encryption technology, etc.;
8. Have a certain document foundation, and can independently complete the evaluation report of the relevant system and the analysis report of the security incident;
9. Certificates such as CISP and CISSP are preferred.
Job Responsibilities
1. Responsible for WEB/APP mobile terminal security black box testing, such as SQL injection, XSS attack, command injection, CSRF attack, upload vulnerability, parsing vulnerability, business logic vulnerability and malicious code detection and analysis, URL jump, phishing, common Exploitation and repair of web security vulnerabilities;
2. Proficient in Trojan horse avoidance, program reverse, and can independently analyze backdoor files;
3. Familiar with the principles of protective equipment such as waf and ips, and be able to bypass protective equipment for the environment;
4. Proficient in social engineering attacks, able to carry out social engineering attacks in a highly secure penetration environment, including but not limited to phishing and directional deception.
company benefits
1. Remote home, the working hours are from Monday to Saturday, and the week is off. There is no need to clock in, and there is no requirement to work 8 or 9 hours a day. The main purpose is to communicate and respond to work needs. Generally, there are more communications from afternoon to evening a little
2. It is required to be in the Philippines, and those who are not can arrange to come to the Philippines
3. Basic salary range 30-60 plus bonuses and dividends
4. Guaranteed minimum salary of 13 at the end of the year, working from home in the Philippines
5. Housing allowance + meal allowance = 24000p
6. Take Chinese holidays, the annual leave varies from 3 to 15 days
To apply for a position, please contact:
Email : grace@funjobs.careers
WeChat : grace5348
Telegram: @grace5348
contact number : +6011 5755 4203