About Advantio
Established in 2009, Advantio maintains an extensive team of consultants and security testing experts to provide digital security and assurance to its customers. Originally established as a payment compliance market leader, Advantio has grown from an established and leading payment security and compliance organisation in Europe to develop its comprehensive Cyber Security and Managed Security Services expertise – offering consultancy, products, and services to support organisations to first understand or their own cyber security related business risks and then by providing suitable and affordable solutions to manage those risks effectively and to remediate against threats proportionately. Advantio primarily serves the FinTech and Payment Card industries and is recognised by VISA as one of Europe’s top Qualified Security Assessor (QSA) providers.
Role Mission:
To ensure delivery and enhancement of cybersecurity services provided to Advantio’s customers.
Responsibilities:
The penetration tester should be able to:
- Perform Infrastructure and Web Application penetration tests.
- Perform Mobile Applications penetration tests is desirable.
- Perform Segmentation Test.
- Perform Internal Scan using automation tools.
- Perform Wireless attacks.
- Perform Social Engineering attacks.
- Perform Red Team attacks.
- Exploit known vulnerabilities.
- Modify, create and/or run exploits.
- Create penetration test reports.
- Technical assistance during the PT scoping in conjunction with clients and Service Delivery Team.
- Technical assistance on the pre-sale activities.
Knowledge and Skills:
- Principles and technique of ethical hacking.
- Operating Systems (Linux, Unix, Windows, OS X, iOS, Android).
- Security principles, techniques, and technologies.
- Knowledge of security standards and testing methodologies is mandatory (e.g. OWASP, NIST, etc.).
- Network protocols, design and operations.
- Advance Cryptography principles.
- Knowledge of web technologies and vulnerabilities.
- Vulnerability management.
- Risk and threat assessment skills.
- Vulnerabilities research and bug hunting experience is desirable.
- Security tools and products (e.g. Nessus, Nexpose, Burp Suite Pro, Acunetix WVS, Owasp ZAP, Wireshark, Nikto, Metasploit, etc.)
- Identification, analysis and exploiting of logical flaws
- Malware Analysis and Reverse Engineering (beneficial but not a must)
- Mobile Application Reverse Engineering experience is desirable (Android, IOS)
- Application Code Review (beneficial but not a must)
- Scripting and programming languages (e.g. C, C#, C++, Java, J2EE, BASH, Python, PHP).
- Certifications are desirable (Offensive Security, CREST, eLearnSecurity, or other information security certifications).
Competencies:
- Security consultant skills are required.
- Efficient time management, delivering billable activities on time and budget, resources optimisation and planning.
- Result orientation (solutions delivery, work under time pressure).
- Problem solving (analysis, problem setting, decision making).
- Lateral thinking and open mind.
- Mentorship skills.
OKRs:
Penetration Tester targets are also:
- Study to be in line with the new technologies and cybersecurity threats.
- Gain cybersecurity certifications especially in the Ethical Hacking category.
- Implement solutions and techniques that can help improve Advantio’s methodology and processes in terms of quality, efficiency, and breadth of supported target types.
- Tutoring at least one Junior Penetration Tester. Share knowledge and material with Junior PT members.
- Help Sales Team with customer meetings.
- Work on internal tasks and projects.
Advantio Core Values:
- Harmony, always strive to create harmony
- Openness, always be open
- Social responsibility, be socially responsible
- Timeless, whatever you build make it timeless
- Accommodating, make our customers feel at home
- Learning, be a learn it all
- Delivering results