Luxoft is a global leader in high-end software development.
Luxoft is looking for talents with a passion for technology & ready to create original solutions. Once on board, you are invited to expand your knowledge & skills, offering you a continuous learning experience helping you stretch your potential.
So if you’re enthusiastic by the idea of accessing cutting edge technology & innovation to make an impact, why don't you join us?
- Configure, run and monitor automated security testing tools
- Perform manual penetration testing of systems, web applications and networks to discover vulnerabilities
- Run manual validation of vulnerabilities
- Document exploit chain/proof of concept scenarios
- Propose mitigation and corrections
Qualifications:
- 3 to 5 years of overall technology experience. Strong knowledge of network, server and web application exploitation, ethical hacking, penetration testing and tool development on desktop, server, and mobile devices.
- Ability to plan, develop, and execute application security tests and document test results in a formal document.
- Ability to identify and explain suggested remediation steps to developers.
- Experience with industrystandard testing tools such as AppScan, Web Inspect, Burp Suite, Nessus, Nmap, metasploit and CANVAS.
- Technical experience in network security products, cryptographic suites, firewalls, Web Application Firewalls/Application Security Gateways, application servers, routers, IDS systems.
- Thorough knowledge of TCP/IP ports and protocols.
- Demonstrated experience in UNIX and Windows administration and scripting.
- Demonstrated experience in application level attacks including Web 2.0 technologies.
- Familiarity with common vulnerabilities in major operating systems (i.e., Windows, Unix and iOS/Android) and ability to track the emergence of new exploitation techniques.
- Clear understanding of how the software development lifecycle works in a large enterprise.
- Computer Science or related technical degree from an accredited institution, or equivalent work experience and practical knowledge.
- Professional certification (CISSP, CISM, MCSD, GIAC, or CEH preferred).
- Excellent presentation and communication skills.
- Excellent Technical and business writing skills.
Strongly Preferred:
- Programming ability or development experience in at least one of the following languages: .NET (ASP.NET), Java, Perl, Python, Ruby, C/C++/ObjectiveC.
Top-tier global financial services firm, a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity is committed to ensure the absolute security of its applications for clients and partners.
The Penetration Tester will be part of the group, responsible for security scans and vulnerability assessments, penetration testing against development and production systems, working with application developers to validate, assess, understand root cause and mitigate vulnerabilities, configuration and operation of scanning and testing tools and environment, documentation of test results, analysis of software security threats and plan tests.