OneinaMil is a talent matchmaking firm, we specialize in culture driven recruiting. Our mission is to change the way traditional recruiting is done. We put human connection and culture back into the talent acquisition puzzle. If you are looking for "just another job," you’ve come to the wrong place. If you are looking for a new career, a job that doesn't feel like work, and you want to be surrounded by inspiring, forward thinking, high energy talent, apply today!
Who You Are:
Our client is looking for candidates that are knowledgeable in application security and vulnerabilities! Sound like you? We don’t expect our candidates to know everything, but we do expect them to take on new challenges and not be afraid to fail. Successful candidates are passionate about information security and willing to learn new things, take on new challenges and teach others while they are at it!
What You'll Do:
- You will work closely with other application security engineers to perform reviews and tests on Web and Conventional applications as well as embedded, firmware, mobile and more.
- You will use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications.
- You will create threat models that result in more secure application design.
- You will design and develop security testing scenarios.
- You will analyze and present results of testing to team members, managers and customers.
- You will write detailed problem reports, test plan documents, and mitigation recommendations as needed.
- You will develop tools to aid penetration test automation and effectiveness.
- You will review code for common security vulnerabilities.
- You will possibly travel to client sites to conduct in-person security reviews and assessments.
- You love penetration testing and ethical hacking.
- You love dynamic and/or Static Code Analysis.
- You love Software Development.
- You have interest in conducting security research.
What You Have:
- You have knowledge of common application security bugs and other attack types.
- You demonstrate an ability to code in one or more language.
- You have above average knowledge Windows and/or Linux and Unix variants.
- You have willingness to learn new technologies.
- You have strong written and verbal communication skills.
- You are not a jerk - Yes there is a policy on this.
These skills are not required, but if you have any of them, you are even more of a well-rounded fit!
- You have a B.S. in Computer Science or related degree.
- You have completed OSCP, OSCE, or a similar security certification or you hope to one day!
- You have an understanding of application design, development, and testing techniques.
- You are involved in Bug Bounty program.
- You have participated in a Capture the Flag event.
- You have working knowledge of common security testing tools like Burp Suite, SQLMap, Metasploit, IDAPro, etc.
- Experience with embedded, firmware, and/or IoT technologies.
- You are detail oriented and dependable.
- You have a good sense of humor and you are fun to work with!
Ridiculous benefits package!