IT Security Specialist (Penetration Tester)

Employer: Bit Sentinel
  • Internet - eCommerce
  • IT Hardware
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
  • Updated at: 15.09.2019
    Short company description

    Bit Sentinel activeaza in domeniul securitatii cibernetice, avand drept obiectiv asigurarea protectiei impotriva atacurilor cibernetice. Compania ofera servicii complete de securitate informatica, precum: penetration testing, protectie impotriva malware, servicii de consultanta pentru GDPR, recuperarea datelor in urma atacurilor cibernetice, rezolvarea atacurilor de tip zero-day sau audit in securitate.

    In acelasi timp, ofera sesiuni de training in lupta impotriva atacurilor cibernetice, creand cursuri si programe speciale pentru pasionatii de securitate care doresc sa invete notiunile de baza. Bit Sentinel face parte din echipa ce organizeaza una din cele mai mari competitii internationale de tip Capture the Flag: DefCamp Capture the Flag. In 2019 Bit Sentinel coordoneaza a 6-a editie a Campionatului European de Securitate Cibernetica.


    Requirements and Qualifications:
    - Previous hands-on experience in penetration testing and vulnerability assessment
    - Experience in information security and technical aspects thereof
    - Experience of web application testing, infrastructure testing, manual testing, code reviews
    - Knowledge of web technologies and communication methods
    - Familiarity with general application and network security concepts
    - Strong organizational skills and detail-oriented
    - Strong presentation, written and verbal communication skills
    - Self-starter, doesn’t want to be micromanaged
    - Excellent team player

    Good to have:
    - Professional certification is an advantage (OSCP, OSCE, GIAC CPEN, CREST CRT, CEH or equivalent)
    - Knowledge of information security standards such as ISO27001, PCI DSS, GDPR
    - Experience with systems development, systems administration and/or network administration
    - University degree from an accredited college or university, or equivalent
    - Previous Experience in Responsible Disclosure & Bug Bounties


    The primary responsibility of this position is to conduct security assessments and penetration tests, follow up remediation of identified vulnerabilities, participate in incident response and proactively research future threats.

    Main responsibilities:
    - Perform application penetration testing against corporate and customer software applications
    - Conduct vulnerability assessments on Internet-facing systems and internal systems
    - Document technical issues identified during security assessments and incidents and write reports
    - Follow up on implementation of corrective actions from assessments and incidents
    - Research security threats and attack vectors
    - Manage network forensics and incident response when assigned
    - Perform special security projects on an ad hoc basis

    Other info

    Benefits package:

    We offer
    - Professional and friendly working environment
    - Professional development through specific trainings/certification
    - Excellent job perspective for the future
    - Exciting career in a dynamic, growing organization with a very diverse portfolio
    - Possibility to be part and participate at DefCamp - largest cybersec company from CEE
    - Work from Home Option available
    - Attractive compensation package: fixed salary compensation along with rewards & incentives performance-related bonus scheme
    - Certification exams compensation

    Other info:
    Besides providing cyber security services & advisory for companies from different sectors such as Fintech, Healthcare, Real Estate, Retail, Ecommerce, Online, Startups, Blockchain, Critical Infrastructures etc. we are also:
    -> Involved as one of the key technical partners from the RESISTO project: an innovative solution for Communication CIs holistic situation awareness and enhanced resilience
    -> Technical coordinator for the National Phase & Selection of National Teams of European Cyber Security Challenge, one of the most important cybersecurity competitions from Europe
    -> Developer & Technical Coordinator of Business Internet Security Threat Map, a technology developed by us for Orange Romania that presents the visualization from a high overview perspective of the data gathered from the Orange Romania Business Internet Security agents deployed across Romania
    -> Developer & Maintainer of RO Hacked – Register and Catalog Web Attacks Against Websites from Romania