WEB SECURITY SPECIALIST (Pentester/Ethical Hacker), KOVALSKY & PARTNERS, Praha hl.m., Prague
The CoE for Web Security supports services for the Secure SDLC. The Specialist is responsible for performing SCR and DS using manual and automatic tools, and for maintaining and designing guidelines for secure web application infrastructure architecture, settings and assessment. The role also covers sharing infrastructure security knowledge with infra engineers and consultancy on web application infrastructure settings.
What your key responsibilities will be:
Planning and execution of static source code reviews according to the OWASP ASVS standard
Planning and execution of dynamic security assessments according to the OWASP ASVS standard
Knowledge transfer to (Web) application developers and infra engineers (being a trainer)
Acquire secure coding libraries and implement test tools (static & dynamic) for the CoE clients
Improve the security posture by own research, tool development and training
Participation in the rest of the services delivered by the CoE
Consultancy on Web Application Firewall settings (F5, ModSecurity)
What experience should you have:
Technical university education (Bc. level)
English level C1
Experience with programming and developing web applications (.NET, Java, PEGA, Python, shell scripting, Objective-C)
Experience with application penetration testing according to the OWASP ASVS standard
IT administrator skills (Unix, Linux, Windows, DNS, VPN, firewalls)
Strong interpersonal and communication skills
Ability to transfer knowledge to software designers, developers and infra engineers
Ability to write guidelines
Ability to absorb new techniques for protecting web applications
What do you get in return:
Besides a good team, a nice work environment, a stable company and attractive pay, you can also expect a sophisticated benefits system.