Security Researcher

کامپیوتر و فناوری اطلاعات
5 ماه پیش

شرایط شغلی

موقعیت مکانی تهران، تهران
نوع همکاری تمام وقت
سابقه کار بین 3 تا 7 سال

درباره شغل

About First Source Arya Solutions
First Source Arya Solutions is a software development company focusing on developing state-of-the-art solutions for the global financial industry. We help our international clients grow their audience with customer-centric products and services.

A career at First Source Arya Solutions is an opportunity to make an impact in a fast-growing organisation that’s at the forefront of FinTech advancements.


About the role
We’re looking for a Security Researcher to join our Security team, which is responsible for protecting the company’s digital assets, from information to infrastructure and more. As a Security Researcher, you will perform penetration testing on our web applications, identify potential security issues, and assist our developers in patching security bugs. You will also manage our bug bounty programme, which includes analysing and validating external security reports.

Responsibilities
● Analyse and optimise processes to handle unexpected situations more efficiently.
● Identify and predict security flaws by putting yourself in the shoes of a potential hacker.
● Stay abreast of the latest security bulletins and findings.
● Actively monitor our software development pipeline to find and raise potential security issues.
● Assist our developers in understanding and patching any bugs that you find.
● Encourage security awareness throughout the organisation via regular communication on security best
practices and the latest online threats.
● Check our systems against the latest attacks, vulnerabilities, and mitigations.
● Identify attack vectors.
● Conduct security reviews of production infrastructure.
● Build security tools and processes for critical infrastructure monitoring, protection, and
mitigation.
● Perform regular penetration testing of our web applications.
● Monitor our automated security scripts and utilise them to identify threats.
● Manage our bug bounty programme.

Minimum requirements
● Experience with web application security and testing, security monitoring, and intrusion
detection
● Experience with fuzzing and finding edge cases in the validation stage
● Knowledge of encryption fundamentals and the OWASP Top 10
● A good understanding of attacks and mitigations such as timing, injection (e.g. form parameter/SQL),
side-channel, DoS, buffer overflows, and DNS cache poisoning
● Ability to assess the security impact of bugs and API inconsistencies
● Familiarity with industry standard tools such as Burp Suite and Metasploit
● Experience in writing custom code and scripts to investigate security threats
● A clear understanding of the OSI model, TCP/IP, and other industry-standard network defense
concepts
● Extensive experience in bug bounty programmes such as HackerOne, Bugcrowd, and Cobalt
● Knowledge of the latest industry trends and best practices in information security

Preferred qualifications
OSCP, CEH, Security+, CISSP, or any GIAC certification

Perks and benefits
● Market-based salary
● Annual performance bonus
● Health benefits
● Flexi hours

Location
Negar Tower, Tehran

مهارت ها

  • api
  • ceh
  • security+
  • cissp
  • sql server

اطلاعات شرکت

هدف ما در شرکت راهکارهای متن اول آریا، توسعه‌ی پیشرفته‌ترین راهکارهای نرم‌افزاری در زمینه خدمات مالی و متحول ساختن این صنعت در سرتاسر جهان است.
همکاری با شرکت راهکارهای متن اول آریا، فرصتی را در اختیار شما می‌گذارد تا بتوانید نهایت توان و استعداد خود را به نمایش بگذارید. درمحیط پویای این شرکت که برای پیگیری، نوآوری، و سخت کوشی ارزشی ویژه قائل است، شما ضمن مشارکت در طرح های متنوع، در مسیر رشد حرفه ای خود گام برمی دارید.
رویارویی و غلبه بر چالش‌های جذاب و منحصر به فرد کاری را با ما تجربه کنید.
برای استفاده از سایت لطفا از مرورگر کروم استفاده کنید.
باز کردن کروم
دریافت کروم
نه بعدا
برای استفاده از سایت لطفا مرورگرتان را بروزرسانی کنید.
به روز رسانی
نه بعدا