Can you imagine a world where business and digital solutions will be truly seamless and where users will help companies to co-create them? Do you want to help us to shape this human-centered world? Welcome to UNGUESS. UNGUESS is the crowdsourcing platform for effective testing and real insights that enable tech, digital and business leaders to make smarter decisions, faster. How? Unleashing the power of the crowd, a community of highly engaged people all over the world that allows us to bring end-customer insights into the design, development, and testing phases of a product.
We are looking for a Cyber Security Specialist, who will take ownership of our bug bounty programs as a triager and ensure that they are managed at best: on time, with professionalism and to a high standard. Moreover, this role will assist in cyber security activities such as penetration testing and code reviews alongside the cyber security expert.
Requirements: Strong understanding of common vulnerabilities (OWASP Top 10, etc.) and corresponding mitigation strategiesProven experience in penetration testing and ethical hackingFamiliarity with bug bounty programs and external collaboration with security researchersGood technical skills with a keen interest in learning methodologies and exploit techniquesExcellent communication and interpersonal skills, with an ability to engage people at all levels of the organizationSpoken and written Italian and English at proficient levelCritical thinking and problem-solving skillsStrong attention to detailBachelor's / Master's degree in Computer Science, Information Security, or a related field is a plusCertifications such as OSCP, OSCE, CISSP, or equivalent are a plusAn excellent team playerEnthusiasm to be part of a fast-growing startup on a mission to make the world more human-centeredAbility to work independently and collaboratively in a team environmentSolution-oriented, constantly looking for ways to make things work better, run smoother and take less timeAble to showcase proactive tendencies, continuously looking for ways to add and create valueResponsibilities: Manage and monitor the organization's bug bounty program, ensuring timely triage and resolution of reported vulnerabilitiesConduct comprehensive penetration tests on web applications, networks, and infrastructure to identify and exploit vulnerabilitiesProvide mentorship and training to internal teams on secure coding practices and general security awarenessCollaborate with cross-functional teams to validate and verify reported vulnerabilities, ensuring accurate assessmentsProactively monitor financial information of projects to ensure a healthy project marginCreate comprehensive reports for both internal and external stakeholders, summarizing identified vulnerabilities and recommended corrective actionsProactively identify areas for improvement in security processes and methodologiesParticipate in red teaming exercises and contribute to the enhancement of the organization's overall security strategyWhat do we offer: Training courses and possible certificationsOpportunity to grow in a short time periodPackage: 28 - 35 K RAL to be adapted according to experience and skills, competitive package with flexibility on location and holidays policyLocation: the role is entirely remotePart time at present with the intention of gradually increasing to full time
#J-18808-Ljbffr