Senior Security Engineer

Arbetsbeskrivning

Proactively hunt for threats and weaknesses, and undetected abuse by leveraging internal data, open-source intelligence, and third party private intelligence.
Investigate complex cases to understand in granular detail how abuse is occurring and attribute the person(s) responsible. Identify and implement appropriate online and offline enforcement strategies to mitigate harm both in the current case and from similar forward-looking abuse.
Research how threats show up within the ecosystem and deeply understand how abuse manifests. Discover and clearly explain emerging threats and trends, with an emphasis on geopolitical, cultural or societal-specific differences where appropriate.
Conduct realistic adversary simulations from conception through reporting.
Threat Modeling systems and applications and performing security reviews
Perform detailed penetration tests of web and mobile infrastructure
Identifying security risks and developing mitigation strategies
Develop tooling and automation to facilitate continual testing and increase coverage of penetration tests and other security assessments
Contribute to creation of security training and delivery to internal teams
Assist in the analysis and response to bug bounty programs



What skills, experiences, knowledge are a must?
5+ years of offensive security experience.
Scripting or programming experience preferred.
Direct experience with the techniques of the MITRE ATT&CK framework and the ability to leverage the framework for adversary simulations.
Advanced experience with Security Assessment Toolsets (Metasploit, NMAP, Cobalt Strike, Nessus, Burp Suite, PingCastle, etc.)
Comprehensive understanding of security methodologies, technologies, and best practices
Experience with Windows, Linux, UNIX, and Mac operating systems
Experience with open source investigation techniques and familiarity with a variety of internet research tools
Advanced experience in automation and scripting of applications and systems
Knowledge about CVE, Bug Bounty, and responsible disclosures
Scripting language proficiency (ex. Python, Bash, PowerShell)
Regional knowledge and/or language skills
Experience working with a team spanning multiple locations/time zones
Familiarity with sophisticated criminal or nation-state threats
Any information security certifications area plus i.e. OSCP, OSCE, OSWE, GPEN, GWAPT, and GCPN
Ability to self-motivate when given strategic goals
Excellent verbal and written communication skills
Desire to contribute to a team culture that fosters & lives by our core values:

Sammanfattning

  • Arbetsplats: Juni Technology AB Göteborg
  • 1 plats
  • Tills vidare
  • Heltid
  • Fast månads- vecko- eller timlön
  • Publicerat: 30 augusti 2021
  • Ansök senast: 9 september 2021

Postadress

Paradisgatan 21 A
Göteborg, 41316

Liknande jobb


Teknikspecialist svagströmsteknik med projektledaransvar

Teknikspecialist svagströmsteknik med projektledaransvar

20 december 2024

Director Health & Safety  Vattenfall

Director Health & Safety Vattenfall

19 december 2024

19 december 2024

19 december 2024