Do you live and breathe finding security issues in servers ,networks and web apps? Do you love taking unsecured web and database servers and making them bullet-proof? Then we should talk.
I need an Expert in Web-based security and penetration testing and/or ethical hacker, to see if a deployed site can be brought down. I am looking for a do'er who can do this from outside without having access to the server/db or app.
Must have a strong background to test web-based security against all security vulnerabilities.
Applicants must have experience of but not limited to the following:
- Data protection - Cracking of passwords / brute-force attacks
- SQL Injection attacks
- checking the front end for vulnerability
- URL manipulation through HTTP GET methods
- protecting against cross-site scripting(XSS) attacks
- test service access points - must have a good understanding of IPs.
-scan penetration testing of API endpoints of a web app.
All results must be kept confidential, you will be required to produce a detailed report of any vulnerabilities or potential vulnerabilities you have detected. This Job will require you to attempt to break the site and possibly take it down and then give recommendation and hardening the site.
We don't want script kiddies, only apply if you have tools and knowledge to take down a site and also recommend what we need to do to protect the site
Tests should be on the network, operating system and application level. Look for security weaknesses, and if possible, gain access to our systems and data. Identify, quantify, and rank the vulnerabilities in our system. Finally, recommend ways to mitigate vulnerabilities and risks.
Must have experience and industry-recognized certification. We're based in the U.K. I don't mind if you're overseas, but you must be able to speak on the phone / chat in real-time if needed. Even if that means you're up at 3am due to time zone differences.
This is an ongoing position that will require a test every two weeks,
TO BE CONSIDERED, YOU MUST:
-Be able to find all weak points in web servers
-Be able to find all weak points in database servers
-Be able to present your findings in a report that clearly shows what needs to be changed
-Present solutions for all the issues found
-Show strong critical thinking and problem-solving skills
-Have expert-level penetration testing skills
-Provide examples of your work
-Be able to frequently communicate with us when needed
-Be able to work under minimal supervision
-Be able to speak English
-Have access to Skype