IT Security Specialist (Penetration Tester)

BIT SENTINEL is an information security company that aims to protect businesses against cyber threats by offering a variety of services including penetration testing, malware protection, cyber attacks recovery, 0day attacks mitigation, security audit, trainings and even preparing various competitions. For us, working together to ensure a secure & brighter future is no longer a cliche, we enjoy to explore innovations and permanently developing towards testing new technologies. We believe that technology is essential for driving human progress, and we’re doing our best to bring it one step closer to secure.

Requirements and Qualifications:
- Previous hands-on experience in penetration testing and vulnerability assessment
- Experience in information security and technical aspects thereof
- Experience of web application testing, infrastructure testing, manual testing, code reviews
- Knowledge of web technologies and communication methods
- Familiarity with general application and network security concepts
- Strong organizational skills and detail-oriented
- Strong presentation, written and verbal communication skills
- Self-starter, doesn’t want to be micromanaged
- Excellent team player

Good to have:
- Professional certification is an advantage (OSCP, OSCE, GIAC CPEN, CREST CRT, CEH or equivalent)
- Knowledge of information security standards such as ISO27001, PCI DSS, GDPR
- Experience with systems development, systems administration and/or network administration
- University degree from an accredited college or university, or equivalent
- Previous Experience in Responsible Disclosure & Bug Bounties

The primary responsibility of this position is to conduct security assessments and penetration tests, follow up remediation of identified vulnerabilities, participate in incident response and proactively research future threats.

Main responsibilities:
- Perform application penetration testing against corporate and customer software applications
- Conduct vulnerability assessments on Internet-facing systems and internal systems
- Document technical issues identified during security assessments and incidents and write reports
- Follow up on implementation of corrective actions from assessments and incidents
- Research security threats and attack vectors
- Manage network forensics and incident response when assigned
- Perform special security projects on an ad hoc basis

Benefits package:

We offer
- Professional and friendly working environment
- Professional development through specific trainings/certification
- Excellent job perspective for the future
- Exciting career in a dynamic, growing organization with a very diverse portfolio
- Possibility to be part and participate at DefCamp - largest cybersec company from CEE
- Work from Home Option available
- Attractive compensation package: fixed salary compensation along with rewards & incentives performance-related bonus scheme
- Certification exams compensation

Other info:
Besides providing cyber security services & advisory for companies from different sectors such as Fintech, Healthcare, Real Estate, Retail, Ecommerce, Online, Startups, Blockchain, Critical Infrastructures etc. we are also:
-> Involved as one of the key technical partners from the RESISTO project: an innovative solution for Communication CIs holistic situation awareness and enhanced resilience
-> Technical coordinator for the National Phase & Selection of National Teams of European Cyber Security Challenge, one of the most important cybersecurity competitions from Europe
-> Developer & Technical Coordinator of Business Internet Security Threat Map, a technology developed by us for Orange Romania that presents the visualization from a high overview perspective of the data gathered from the Orange Romania Business Internet Security agents deployed across Romania
-> Developer & Maintainer of RO Hacked – Register and Catalog Web Attacks Against Websites from Romania