Title: Penetration Tester (Urgent)
Company Name: Doodle Inc.
Job Location: Anywhere in Bangladesh
Employment Status: Full-time
∎ BS in Computer Science, IM, IT, Engineering or equivalent
∎ At least 2 year(s)
∎ Analyze the cyber defense policies and configurations and evaluate risk and compliance with regulations and organizational directives.
∎ Conduct\Support\oversee authorized penetration testing on network assets.
∎ Penetration testing and code review.
∎ Prepare and review reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions;
∎ Perform risk analysis; Measure the effectiveness of controls against known vulnerabilities.
∎ Establishing\improving PenTest policies, procedures, exceptions, and operations.
∎ Leading or participating in cross-functional efforts for managing risks.
∎ Collecting, analyzing, reporting and briefing discovered vulnerabilities.
∎ Work with stakeholders (system administrators and owners) to manage risks\vulnerabilities.
∎ Perform technical (evaluation of technology) impact\risk and vulnerability assessments of relevant technology focus areas.
∎ Identify systemic security issues based on the analysis of vulnerability and configuration data.
∎ Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).
∎ Ensure remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.; Provide clear updates to management on vulnerabilities; Investigate, document, and report on the status and emerging trends.
∎ Maintain up-to-date vulnerability profiles, including respective detection and countermeasures.
∎ Participate in industry task forces and working groups where appropriate to understand current and emerging vulnerabilities to stay up to date.
∎ Solid fundamentals in webapp and network pentesting (3+ years). Pentesting exp in mobile apps, APIs, and cloud environments.
∎ Solid understanding of common webapp vulnerabilities, exploitation techniques, and remediation options
∎ Understanding security fundamentals and common vulnerabilities (e.g. OWASP Top Ten)
∎ Use of vulnerability management and Penetration Testing tools.
∎ Experience in security engineering, system and network security, authentication and security protocols, applied cryptography, and application securityPassion for learning new technologies and processes, and contributing to refining existing capabilities.
∎ Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
∎ Scripting/programming skills (e.g. NodeJs, Php, Java etc.)
∎ Use of industry-standards and widely accepted pen-testing and analysis principles and methods.
Compensation & Other Benefits:
∎ T/A, Mobile bill, Tour allowance, Credit card, Medical allowance, Performance bonus, Weekly 2 holidays
∎ Lunch Facilities: Partially Subsidize
∎ Festival Bonus: 2
Application Deadline: 9 Apr 2021
∎ 10 Mar 2021
∎ Doodle Inc.
∎ Address : House: 1047 (2nd Floor), Road: 09, Avenue: 09, DOHS, Mirpur-12, Dhaka-1216
∎ Web : www.doodlei.net
∎ Business : We are a global IT company providing strategic IT business solutions and services for complex business problems.