Are you interested in automating the build and deployment process of the application with ensuring the application security? If yes, then Payatu is the place for you. We are always insearch of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you.
Who we are ?
Payatu is an ISO certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI / ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual.
What we look for outside work parameters ?
- Your expertise is your primary qualification, not your degree or certification.
- Your publicly known contributions are your credentials.
- Papers you have written, tools you have developed are your references.
- Your write-up reflects your interests and ethics.
- Your published exploits, your CTF scores, and hall of fame listings are the testimonies of your work.
- Your research paper was published and presented at conferences.
- You are learning from the community and enthusiastically contributing back.
You are a perfect technical fit if :
Strong fundamental of application and network protocols.Stronghold on Web application security concept and penetration testing skill.Experience with mobile platforms (iOS and Android) and associated security tools.Collaborate with development teams to integrate security into SDLC (DevSecOps).Good command of at least one programming language.Good understanding of OWASP Top 10 and other web-related vulnerabilities as well as logic flaws.Hands-on experience in performing penetration testing of web-based applications preferably in the financial domain.Good to have experience in working alongside the development / QA teams.Good report writing and presentation skills.Should be able to suggest optimum security improvements to application components.You Have All Our Desired Qualities, if :
Experience in web application and web service security assessment.You have a history of publishing or presenting good research.You have the knack of finding security bugs in everything you touch.You like automating stuff.Previous working experience as a Penetration Testing Expert for 3 - 7 year.BE in Computer Information Systems, Management Information Systems, or similar relevant field.In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell).Must know about standard Industry security Practices (OWASP, SANS, etc),Knowledgeable about industry Security guidelines and compliance such as ISO27001, SOC2, HIPPA etc.Hands on experience with testing frameworks such as the PTES and OWASP.Applicable knowledge of Windows client / server, Unix / Linux systems, Mac OS X, VMware / Xen, and cloud technologies such as AWS, Azure, or Google CloudCritical thinker and problem solver.Excellent organizational and time management skills.Your everyday work will look like :
Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired, wireless networks, and mobile applications / devices, Cloud (Azure, AWS, Google Etc) apps and software's.Set up environment and maintain required tools needed for the team.Lead and manage Penetration Testing team and Supporting vendors to get qualitative deliveries to our customer.Develop and maintain security testing plans.Able to automate penetration and other security testing on networks, systems and applications.Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk.Produce actionable, threat-based, reports on security testing results.Act as a source of direction, training, and guidance for less experienced staff.Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation.Communicate security issues to a wide variety of internal and external "customers" to include technical teams, executives, risk groups, vendors and regulators.Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests.Foster and maintain relationships with key stakeholders and business partnersref : hirist.tech)
