الوصف الوظيفي
As a bold global technology leader, our products and services touch the lives of millions, as well as lending a huge helping hand to some of the country’s most crucial organizations. From contactless payments to connecting emergency services, our technology delivers some truly exciting initiatives, not to mention the incredible connections we make on a global level every single day. We rely on the brightest sparks to help us deliver new innovations. So if you believe, like we do, that technology can help us imagine, create and realize a more connected future – then we need you to help us achieve that goal! We’re focused on building the best network, providing a knockout digital experience and giving back the very best to our customers. Not bad for a company you thought was just a mobile network provider, right? We’re here to prove we’re no one trick pony and our technology reach goes way further than you imagined. Read on to find out just how far....
With us you will:
This role will be responsible for operating Security Service for ethical hacking exercises, penetration testing and red teaming, where proactively discover vulnerabilities and ensure mitigation actions are deployed in the defined time schedule. Manage and oversee all penetration testing projects, push vulnerability remediation, ensure to meet all defined SLA’s and KPI’s for the services provided by the teams. Manage & administrate penetration-testing activities & ensure effective controls are in place to detect vulnerabilities across Vodafone infrastructure, services and application ensure that all vulnerabilities detected are reported and understood by the various stakeholders. You will lead vulnerability identification and management service which includes reporting. This includes looking across not only the operational enterprise, but to infuse Vulnerability identification into the development of new capabilities by providing self-service functions that can be utilized across the technology groups. The role calls for a strategic professional who understands business operations, information technology, telecommunication networks and security and will utilize that knowledge to assist with the implementation of an effective security campaign. Thus provide cyber security assurance for secure perimeter and applications in Vodafone Qatar.
Execute security assessments and penetration tests to highlight and clearly articulate risk to the business in terms they understand
Create scope definition of security tests and provide detailed technical reports of security tests with analysis results and recommended action plan for remediation
Create monthly and weekly reports on the Penetration testing activities and Participate in the senior management meeting to update the monthly/weekly status.
Maintain and operate the tools, devices and lab environment needed for security tests
Contribute to the creation and maintenance of Vodafone policies and guidelines concerning security assessment and testing
Proactively discover vulnerabilities in Vodafone environments and produce defensive techniques and reports the analysis of vulnerability and remediation action with POC of exploits
Act as primary technical subject matter expert for security testing
Accountable for the overall test execution, quality of work and deliverables of assigned security test engagements
Hold regular presentations and workshops on new techniques and methods both within and outside of the team
Responsible for the continuous development of security testing services and processes
Perform vulnerability research to identify new, previously unknown and unpublished vulnerabilities
Perform Source Code Analysis with SAST platform and explain the suggested fixes to developers
المهارات
Apply if you have:
4+ year experience in Web & Mobile Applications Penetration Testing.
Experience with KaliLinux and other penetration testing tools and SAST and DAST Tools.
Experience in Operating systems like Linux, Windows, web application, Virtualization -VMWARE, network/ infrastructure security and assessments.
Knowledge on OWASP, Sandbox, Kali Linux, Burp suite, CVE, SSL PKI,2FA, IAM, Perimeter security, SIEM solutions.
Exhibits strong technical understanding and telecom network, applications comprising of IT solutions, Mobile Applications, Cloud and Big Data infrastructure services
Experience with scripting and programming skills (Python, C++, Powershell, Java, Perl, Ruby etc)
Knowledge of Diameter and SS7 Vulnerabilities Management will be a plus
Certification like OSCP, OSCE, GPEN or GMOB
تفاصيل الوظيفة
منطقة الوظيفة الدوحة, قطر
قطاع الشركة الاتصالات والشبكات
طبيعة عمل الشركة صاحب عمل (القطاع الخاص)
الدور الوظيفي --
نوع التوظيف --
الراتب الشهري غير محدد
عدد الوظائف الشاغرة 1
المرشح المفضل
المستوى المهني متوسط الخبرة
عدد سنوات الخبرة الحد الأدنى: 3
الشهادة بكالوريوس/ دبلوم عالي
https://www.bayt.com/ar/qatar/jobs/lead-penetration-tester-4303139/
نسخة للطباعة 
ابلغ عن اعلان مخالف