We are currently looking for Penetration Testers to work on application security (web, mobile, desktop, embedded) and IT infra security assessment assignments.
Positions are full-time, compensation is experience and skill based fixed monthly salary with benefits. We provide a modern working environment and tools of the trade. This role is not location specific and can be carried out remotely as well.
What we need from you:
-penetration testing experience
-knowledge of web app security
-experience using Burp Suite and Kali Linux
-English (both written and spoken)
What we would also like from you:
-network protocols insight
-Finnish (both written and spoken)
-good communication skills
-organized and result oriented attitude
-detail -oriented character
In this role, you will be engaging in customer projects having for example the following responsibilities:
-Conduct network and application penetration tests, vulnerability assessments, and architecture reviews
-Develop comprehensive and accurate reports and presentations for both technical and executive audiences
-Participating in (online) meetings with clients to review the assessment results and consult the clients on potential remediation options
-Re-testing fixed security vulnerabilities and updating the report
The following technical experience and industry exposure we typically look for in a candidate:
-Understanding of security fundamentals, information systems and network protocols
-Understanding of web application security and related protocols
-Familiarity with the common security tools (Burp Suite, Kali Linux etc.)
-Knowledge of frameworks and standards (e.g. OWASP, ISO 27001, NIST)
-Familiarity with various operating systems (Windows, Linux, BSD, OSX, Android, iOS)
Other valued skills and characteristics:
-Cyber security, information security and pen-testing focused certifications such as OSCP, CRTP, GPEN, CISSP, CISA or equivalent
-Applicable formal education and prior industry experience
-Solid written and verbal communication skills (Finnish and English)
-Strong attention to detail
-Solid commitment to providing quality and detail-oriented work
-If you have experience with bug bounty programs (HackerOne, Bugcrowd etc) or simulated hacking platforms, such as HackTheBox, please provide a link.
-Sports and culture benefit
-Competitive experience based salary
We encourage continuous learning and advances in professional career through trainings and certifications. We work in a dynamic and modern ICT environment with low bureaucracy, slim processes and fast decision-making. You will be able to influence the company matters and to contribute to the ways of working.
elfGROUP Cyber Security Services specializes in improving corporate cyber security assurance and in protecting the most important corporate asset - the information. Our services strengthen the brand of companies, software products and cloud services and promote trustworthiness in customer relationships.
We help businesses assess, audit and develop their technical cyber security postures, cyber defense and technical and administrative governance procedures. We support companies and organizations in managing their cyber security requirements and by performing architecture security assessments and penetration testing. We work with the entire IT architecture stack and are committed to always operate in a vendor and product independent way.
elfGROUP is an ISO 9001 and ISO 27001 certified entity and works with corporations and organizations that handle sensitive information. Read more: https://www.elfgroup.fi/about_us
We strive for technical excellence, great competences and expectations exceeding deliverables.