➡️ Apply here: Penetration Tester
👩💼 Want to stand out? Improve your resume to appeal to recruiters, hiring managers, and Applicant Tracking Systems. ➡️ Improve your resume
The Operative-Technical Agency of Georgia of the State Security Service of Georgia is announcing the Vacancy of the Penetration Tester (Hereinafter also referred as Pentester) whose primary responsibility is to conduct vulnerability discovery, assessment and later exploitation thereof for the I and II Tier Critical Information System Subjects.
With the aim to ensure high quality delivery of the abovementioned services, the Pentester is required to execute following tasks:
** Thorough selection and use of automated and non-automated scanners for detection and subsequent exploitation of detected vulnerabilities;
** Pentest planning and actual implementation without inflicting irreversible damage to the Information and Communication Infrastructure subject to examination;
** Detailed description of the detected vulnerabilities and potential scale of the damage upon their exploitation;
** Elaboration of the recommendations and detailed instructions aimed at eradication and/or mitigation of the detected and exploited vulnerabilities;
** Communicating with business owners and technical stakeholders for the purposes of increasing efficiency and secure delivery of the Pentest;
** Articulating findings into clear and actionable corrective measures both in verbal and written format
** The appropriate candidate for the Position must possess the following proven
knowledge/experience/skills:
** Web application security assessment experience with thorough knowledge of OWASP Framework;
** Active Directory Domain Services (AD DS) and other corporate environment centralized management framework auditing and penetration testing experience;
** Familiarity with security testing tools (e.g. Burp Suite, Nessus, Nmap, Accunetix, Pingcastle and etc);
** Knowledgeable with mobile application testing (DAST/SAST);
** Experience in vulnerability assessments and penetration testing in cloud environments;
** Profiling organization`s security posture and tailor adversary attack vector and TTPs;
** Scripting capability (e.g. Python, Bash and Powershell);
** Source code analysis capability;
** Knowledge of English Language (at least B2 Level);
** The ability to adjust to a wide range of IT technologies and swiftly become proficient in new ones.
Please send your CV to vacancy@ssg.gov.ge and mention the position name in the subject line.
Only shortlisted candidates will be contacted.