Penetration Tester

At Evolve today we offer complex Human Resources services, from business consulting to headhunting and recruitment. We have extensive experience in finding talented professionals, for a variety of industries, especially in the IT sector.
We started with a dream: to create a Human Resources company with a strong, unique profile on the market, deeply shaped by our core values: commitment to performance, professionalism, a balanced approach and deep satisfaction for our clients.
From that moment, we nurtured special relationships and we continuously evolved, being flexible, but staying true to our values. We aim higher and higher and we invite you to EVOLVE with us!

Four our partner, a fast growing company with multiple software and infrastructure projects running in parallel, with great teams situated in Romania, France, Switzerland, Spain and the UK we are looking for a professional Penetration Tester to whom is given the opportunity to apply his/ her creativity, business knowledge, and technical skills on a daily basis using new and innovative tools/techniques in a collaborative environment.

We will be thrilled if you`ll have an open mindset that enjoys working and sharing information with others. Also, a strong passion for IT Security, creativity, a curious mind and always wanting to push the limits, are all traits that we appreciate.

Required traits and experience:

Minimum 2 years of penetration testing experience or proven equivalent skills.
Understand how computer/device networks work (TCP/UDP, NAT, Firewalls, Routers, switches, routing, server client communication, OSI layers).
Understand how operating systems work: Linux (good knowledge), Windows (Intermediate), macOS (nice to have).
Practical experience with web applications fuzz testing.
Security oriented programming for exploit development/automation.
Practical experience with Metasploit framework.
Good knowledge of the main tools and frameworks integrated in Kali Linux.
Knowledge of exploitation techniques.
Any security certification is a “nice to have” but practical skills are the most important.
Familiarity with OWASP testing methodology and secure coding best practices.
Good understanding of Secure SDLC/SDL.
Able to have technical and non-technical conversations in English.
Ability to express highly technical information into plain English (executive overview, business feedback, presentations).
Be able to write documents/emails in English, with proper grammar.
Comfortable initiating and controlling conversations with new people.
Able to create an individual’s profile and then use it to obtain information.
Overall passion for security.

What the role will involve:

Monitor company’s information flow and enforce PCI DSS and GDPR ruleset.
Plan penetration tests and estimate effort.
Execute threat/attack modelling on company’s products.
Perform penetration tests on company’s full infrastructure (web apps/cloud apps, bare-metal servers, VM’s, desktops, wireless/Ethernet networks).
Create clear reports at the end of the penetration tests.
Help improve the company’s overall security awareness through information sharing, presentations, communication with other teams (Dev, DevOps, HR, etc).
Write PoC code for discovered vulnerabilities.
Constantly research information security threats and solutions.

What we offer:

Office Location: Aurel Vlaicu, near Promenada Mall
Modern office environment with all the work and play amenities
An amazing platform for learning and development.
Free will in choosing testing technologies or developing new ones.
Freedom to execute numerous Social Engineering scenarios.
Flexible working schedule.