Who we are?
Humanize is an innovative and data-conscious company transforming the cybersecurity landscape across various industries. With our cyber-AI technology, we empower decision-makers to get a comprehensive view of their company’s cyber condition and be one step ahead of adversaries that target them to compromise.
Job description:
We are looking for a Cybersecurity Specialist to join our team and perform security testing of applications, networks, and infrastructures, including vulnerability assessments, penetration testing, and manual security testing techniques.
The primary responsibility of this position is to conduct security and risk assessments, follow up remediation of identified vulnerabilities, participate in incident response, benchmark top security tools and proactively research future threats and attack vectors.
Job responsibilities:
- Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired and wireless networks, and mobile applications/devices
- Develop and maintain security testing plans
- Automate penetration and other security testing on networks, systems, and applications
- Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
- Produce actionable, threat-based, reports on security testing results
- Act as a source of direction, training, and guidance for less experienced staff
- Mentor and coach other IT or security staff to provide guidance and expertise in their growth
- Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
- Plan and create penetration methods, scripts, and tests
- Simulate security breaches to test a system's relative security
- Create reports and recommendations from your findings, including the security issues uncovered and the level of risk
- Advise on methods to fix or lower security risks to systems
- Present your findings, risks, and conclusions to management and other relevant parties
- Consider the impact your 'attack' will have on the business and its users
- Understand how the flaws that you identify could affect a business, or business function if they're not fixed
- Manage network forensics and incident response when assigned
- Perform special security projects on an ad hoc basis.
Required qualifications:
- Previous hands-on experience in penetration testing and vulnerability assessments
- Bachelor’s degree in Computer Information Systems, Management Information Systems cybersecurity, computer science, information technology, or a related field is a plus.
- In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell)
- Hands-on experience with testing frameworks such as the PTES and OWASP
- Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
- Proficiency in scripting languages
- Ability to identify and exploit vulnerabilities
- Knowledge of technical systems and terminology
- Critical thinking, problem-solving and analytical skills
- Good written and verbal communication skills in English
- Excellent organizational and time management skills
Additional information:
- Competitive salary and performance bonuses
- Health insurance
- Paid day-offs
- Professional development training & certifications
- Teambuilding and corporate events
- Stock options
- Being a member of the technology creators’ team
- Being a part of a fast-growing cybersecurity startup
Nice to have:
- Professional certification is an advantage (OSCP, OSCE, GIAC CPEN, CREST CRT, CEH or equivalent)
- Knowledge of information security standards such as ISO27001, PCI DSS, GDPR, NIST, SOX
- Experience with systems development, systems administration and/or network administration
- University degree from an accredited college or university, or equivalent
- Previous experience in Responsible Disclosure & Bug Bounties.
Required candidate level:
Middle
How to apply:
Interested and qualified candidates are welcome to send their CVs to the email address [email protected] mentioning “Cybersecurity Specialist” in the subject line.
Please kindly note that only shortlisted candidates will be contacted for the interview.
Learn more about Humanize