Cyber Security Intern

This job is no longer active!

View all jobs Deloitte Romania active


View all jobs Cyber Security Intern active on Hipo.ro

View all jobs IT Software active on Hipo.ro

View all jobs Management - Consulting active on Hipo.ro


Employer: Deloitte Romania
Domain:
  • IT Software
  • Management - Consulting
  • Job type: full-time
    Job level: 0 - 1 years of experience
    Location:
  • BUCHAREST
  • Updated at: 10.11.2020
    Remote work: On-site
    Short company description

    Voted the Most Desired Employer in Romania, in the Financial Services Industry, five consecutive times, in the Catalyst surveys, Deloitte Romania provides services in audit, tax, legal, consulting, financial advisory, risk advisory, business processes as well as technology services, through 2,000 professionals. The Regional Audit Delivery Center (RADC) provides Audit services to various Country Member Firms from Deloitte Central Europe and to their clients. The Tax & Legal Delivery Center (TLDC) offers services focused on 5 service lines: GES (Global Employer Services), Business Tax, Global Tax Center Europe, Global Trade Advisory (GTA) and Legal Center of Excellence (CoE).
    Worldwide, Deloitte serves four out of five Fortune Global 500 companies through a globally connected network of member firms in more than 150 countries and territories, with over 330,000 professionals. The organization is recognized among “World’s Best Workplaces™” by Great Place to Work® and Fortune and among “World’s Most Attractive Employers”, by Universum, according to 2020 surveys.

    We believe that innovation comes from contrasting disciplines, backgrounds and cultural perspectives and that the innovative solutions our people deliver have to always make an impact that matters. We celebrate individual strengths and we prioritize our people’s well-being.

    You bring the ambition, we’ll provide the opportunities.

    Requirements

    This position provides a good opportunity for specialists to establish themselves in their careers quickly. It’s a great opportunity for those who are skilled hackers, but perhaps still early in their career or looking for their first full time penetration tester role. We have a highly skilled team and hence there is an opportunity to learn and be involved in a wide variety of projects.

    The Intern will support the daily operation of the Cyber Risk Advisory department. You will have the opportunity to assist with conducting risk assessments security audits vulnerability/penetration tests with commercial open-source and self-developed tools and techniques. As an intern we will help you out in getting better at:
    o Web and mobile application penetration testing.
    o Application source code review
    o Network penetration testing (external & internal), to include vulnerability exploitation and pivoting to gain remote system access.
    o Documenting technical issues identified during security assessments
    o Vulnerability research and exploit development

    Nice to have:
    o Some knowledge of fuzzing, reverse engineering and exploit development
    o Some knowledge of malware analysis
    o Some knowledge of cryptanalysis, cryptographic flaws
    o Knowledge of a scripting language such as Python (preferred), Ruby, PowerShell, or Bash, for the development of new, or editing existing, tools.
    o Evidence of rapidly and confidently gaining knowledge of, and applying knowledge of, emerging technologies, vulnerabilities, and penetration testing tools and techniques.
    o Excellent time management including setting priorities and goals to complete assigned and arising tasks.

    Desirable
    o Knowledge of Open Source Intelligence gathering techniques. Including but not limited to use of Google dorks, DNS, domain registration, certificate transparency, and other public sources of information.
    o Experience with live bug bounties, particularly where automation has been implemented.
    o Knowledge of security considerations in the cloud (AWS, Azure, and GCP), particularly identifying vulnerable configurations through management and API access along with exploitation of web/infrastructure vulnerabilities specific to cloud environments.
    o Knowledge of mobile application vulnerability identification and exploitation including but not limited to Android and iOS app structure, decompliation, code signing, and traffic interception.


    Extra credits:
    o Solid networking skills, recognized certifications;
    o Proof of experience in playing in CTF challenges and/or cyber exercises;
    o GitHub repository of own developed tools or starred projects;
    o Security blog or list of online security resources (websites, RSS feeds, twitter lists);
    o SCADA / industrial systems management or security experience;

    Responsibilities

    • Researching on testing, vulnerabilities and remediation
    • Build and break internal/external CTF challenges
    • Manual identification and exploitation of vulnerabilities
    • Manual verification and exploitation of scanner findings
    • Detailed analysis of issues identified and exposure for the customer including proof of concept, reproduction steps, and recommended remediation
    • Assisting in the continual development of the team and service through research and development activities. This includes the development of in-house tools the implementation of tools released to the community, and design and documentation of new and existing internal systems and processes.
    • Continual professional development to maintain and develop knowledge and technical competencies
    • Contributing to the writing and publishing of whitepapers and advisories
    • Undertaking projects and support tasks as appropriate to the role

    Job-uri similare care te-ar putea interesa:

    Hybrid

    Aplica fara CV
    BUCURESTI, Ilfov, Otopeni,

    Aplica fara CV
    BUCURESTI, Buftea, Otopeni,

    Vezi job-uri similare (460)