Job Description
About the project – №1 Travel platform in the world!
We believe that we are better together, and we welcome you for who you are. Our workplace is for everyone, as is our people powered platform. At company, we want you to bring your unique perspective and experiences, so we can collectively revolutionize travel and together find the good out there.
Product is the world’s largest travel site, operates at scale with over 500 million reviews, opinions, photos, and videos reaching over 390 million unique visitors each month. We are a data driven company that leverages our data to empower our decisions. Product is extremely excited to play a pivotal role in supporting our travelers.
Are you passionate about breaking into web applications and networks and exposing vulnerabilities and help fix them? Are you looking to thrive in a fast-paced environment? If so, our client is looking to hire a Penetration Tester for our security team. In this role you will evaluate the security posture of the client’s applications and network assets.
Responsibilities include but not limited to:
- Performing and/or coordinating manual Attack and Penetration (A&P) testing, utilizing and leveraging the latest technologies in this role
- Strong IaaS security skills, with a focus on cloud technologies like AWS, Azure, GCP
- Performing red team assessments
- Responding to new security threats and help implement new requirements as needed
- Work in a team environment while maintaining confidentiality of investigation information
- Deep knowledge of working with OWASP concepts for various solutions
- Experience with security vulnerability and penetration tools with one or more of the following tools: Nessus, Burp Suite, Qualys, Tenable, PowerShell, Electra, Cydia Impactor, Wireshark, ADB, and Drozer.
- Bug bounty participation is a plus
Requirements:
- Bachelor's degree, preferably in a technical field i.e. Information Systems or Computer Science.
- Security certifications are desired but not required (CISSP, GIAC, CEH, MSCE, CSSLP).
- Ethical Hacker Certification or Similar skills
- At least 3 years of demonstrated manual security testing
- Experience implementing and operating security technologies and processes in a hybrid cloud environment, such as AWS or Azure and customer premise
Why join us:
- Ability to work remotely from anywhere in the world
- Close cooperation with the development team and client
- Opportunity to influence product development
- Professional growth: the certification preparation course is free for our specialists. The company pays for two attempts to pass the exam, regardless of the exam result
- We cover English classes (with a native speaker)
- Boost professional brand: you can participate in local conferences as a listener or as a speaker
- Regular team buildings: have fun with teammates
- Gifts for significant life events (marriage, childbirth)
- Tech and non-tech Zazmic Communities: support and share experience with each other
