BrainRocket company
BrainRocket is a software development company and digital solutions provider. The company has created over 40 cutting-edge products spanning 20 different markets.
Our team of around 650 tech-savvy professionals successfully deliver scalable projects that are custom-made to the customers’ needs.
We also strive to create a culture centred around personal and professional growth for employees, in a positive and welcoming environment
✅ Responsibilities
✔️ Conduct web application, mobile application, network, wireless, and operational technology penetration tests.
✔️ Conduct security assessments of cloud environments and application source code review.
✔️ Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST).
✔️ Maintain and finetune, methodologies and infrastructure to support penetration testing engagements in a variety of cloud environments and novel platforms
✔️ Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics
✔️ Use common penetration testing and red-team tools, tactics, techniques, and procedures.
✔️ Utilize custom penetration testing tools, frameworks, and infrastructure.
✔️ Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation.
✔️ Work with security and engineering teams to communicate findings, recommendations, and knowledge to key stakeholders
✔️ Evolve our capabilities and toolset.
✔️ Penetration Testing in this domains:
- Web Applications, Network (Internal / External), Mobile Applications, Cloud Environments, Phishing
✅ Minimum Requirements
✔️ 5+ years experience pen testing services deployed in public cloud infrastructure
✔️ Solid understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
✔️ Knowledge of web and security protocols: HTTP, REST, CSP, CORS, OAuth
✔️ Deep familiarity with current offensive security practices, bug bounty programs, CTFs, fuzzing, and other pen test tools and techniques
✔️ Offensive Security Certified Professional
✅ PREFERRED QUALIFICATIONS:
✔️ 7+ years experience working in an information security disciplineAbility to find and exploit bugs in:
✔️ JavaScript, Typescript
✔️ Kubernetes, AWS, GCP, Firebase
✔️ Memory management, namespaces, cgroups, etc.
✔️ Prior experience working in a high growth, cloud native technology company
✔️ Fluency in one or more programming or scripting languages: JavaScript, Python, Go
✔️ Contributions to the security community, such as open source tools, research papers, conference talks, etc.
✅ We offer excellent benefits, including but not limited to:
🧑🏻💻Learning and development opportunities and interesting challenging tasks;
📝Official employment in accordance with the laws of Cyprus and the EU, registration of family members;
✈️ Relocation package (tickets, staying in a hotel for 2 weeks);
🏋️♂️ Company fitness corner in the office for employees;
📚 Opportunity to develop language skills and partial compensation for the cost of language classes;
🎁 Birthday celebration present;
🏝 Time for proper rest and 24 working days of Annual Vacation;
🍲 Breakfasts and lunches in the office (partially paid by the company).
