KPMG - Penetration tester

[Nytro]

Firma: KPMG - In echipa cu mine.

IMPORTANT! Thank you for your CV! In order to make sure your application will be taken into consideration, please apply also to:Career news & insights | KPMG | RO

Who are we?

KPMG is a global network of professional services firms providing Audit, Tax and Advisory services with an industry focus. We operate in 152 countries and have more than 145,000 professionals working in member firms around the world. KPMG has been in Romania and Moldova since the early 90`s. We now operate with 800 people from six offices in Bucharest, Cluj, Timisoara, Iasi, Constanta and Chisinau and we are one of the leading professional services firms in the Romanian and Moldovan markets.

What are we looking for?

An IT Security Consultant (Penetration Tester/ Ethical Hacker) for our IT Advisory team.

Job profile:

• Conduct technical security assessments and information security projects which require expertise in one or more of the following areas: Penetration Testing / Ethical Hacking, Vulnerability Assessments and IT Security Audits;

• Identify and exploit technical vulnerabilities in clients’ systems, assess business risks of the technical vulnerabilities and communicate to client personnel;

• Perform security configuration analysis for various operating systems, especially Windows and Linux / UNIX;

• This is a position in the Penetration Testers Team which requires quick learning and working with new technologies, tools and techniques.

Some typical projects that you will work on (depending on your expertise) are:

• Web application penetration testing: try to find vulnerabilities in web applications (ex. Internet Banking, eCommerce websites, web portals, etc) and report them to the clients. Try to exploit these vulnerabilities in order to prove their business impact.

• Internal network penetration testing: simulate a malicious person who already has access to the internal network of the customer (ex. visitor, consultant, etc). Starting only from a simple network port access you will have to gain access to sensitive information from the client's internal network, gain Domain Admin access or reach other flags.

• Mobile application penetration testing: try to find vulnerabilities in mobile applications (Android, iOS, Windows phone) and suggest corrective measures in order to improve their security.

• Other types of technical projects that will involve your imagination and out-of-the-box thinking may also occur.

• It is sometimes required to make demonstrations and presentations to clients.

• We encourage technical research and presenting our results to hacking conferences - local and international.

Specific requirements:

• Since IT Security is a multidisciplinary field, we are looking for a person who has a broader understanding of technical concepts from one or more of the following areas: web applications, system administration, networking, software development.

• In order to understand the technical level that we need, here are a few terms/concepts that we expect you to be familiar with: OWASP Top 10, HTTP protocol, SSL, SQL, JavaScript, buffer overflow, TCP/IP, DNS, wireshark, nmap, Linux shell commands, Kali and others.

• You also must be able to express your findings in very good technical and business English (oral and written).

• Other desired requirements are:

- Bachelor’s degree in an IT related field;

- Hands-on experience in at least one of the following: security testing, web application development/testing, system administration, networking, software development;

- Work effectively either individually or as a member of a multi-skilled team;

- Professional discipline, accuracy, reliability and excellent analytic skills;

- Strong interpersonal skills, team spirit, resilience, flexibility, adaptability and self-motivation.

Will be considered a plus Certifications such as: OSCP, OSCE, CEH, LPT, CCNA, MCSE.

Nota: Va pot oferi orice fel de informatie (non-confidentiala). PM daca sunteti interesati.

Bestjobs: IT Security Consultant la S.C. KPMG ROMANIA SRL, BUCURESTI - BestJobs

[Nytro]

Deci, cine mai e interesat? Bucuresti. Avem ping-pong, biliard si "fun-room", saptamanal fotbal