We send a signal - “w00t w00t” whenever we find a critical vulnerability. Our vision brings the most talented & experienced security consultants in the industry & this right opportunity to grow professionally.
We have a professional development training plan where you can apply for OSCP certification after completion of 6 months of Internship.
Who are you & What You Will Do:
Yourself a passionate Pentester who knows your way around finding vulnerabilities in digital assets. You may have found the critical to low vulnerabilities or zero-days vulnerabilities responsibly disclosed & presented at conferences or infosec groups. You have submitted multiple exploits on Public exploit repository websites.
You like to create vulnerability labs for practicing the latest vulnerabilities & keeping yourself updated with the latest vulnerabilities. You like to play around with Linux, Windows machines to bypass the existing security feature by writing shell scripts or existing tools.
With SecureLayer7, you will be assigned a mission to pentest Web, Binary (RE), Mobiles apps, Source code audit, application architecture review, Cloud infrastructure (AWS, GCP, Azure), & Ethereum Smart contract audit. Somedays, you will be assigned to work on research on the latest vulnerabilities & preparing the research paper about it. You will be given to work on Red assessment for accessing physical devices to compromise the data center. Few Days, you will be performing the source code audit & ETH smart contract audit. And regularly, you will be working on Web, Mobile & infra penetration testing. Every day you will be learning something new about infosec.
Willingness to travel for onsite jobs specifically Middle East, and North America.
As Pentester, you will be responsible for writing detailed reports & providing mitigation opinions to customers. You will be mentoring a JUNIOR Security consultant.
None, we love to work with skilled & passionate people.
Overview of Technical Skills
1. 2 - 5 Years of experience in OWASP top 10, and performing web and mobile application and API security application testing, source code reviews, wireless network assessments.
2. Develop comprehensive and accurate reports and presentations for both technical and executive audiences
3. Should be able to perform SAST and DAST testing
Good to have in CV & Pulse Point to Get Selected
1. HacktheBox Profile
2. BugBounty Profiles
3. Github Link
4. Personal Blogs Link
5. OSCP/E, GWAPT, or GPEN certifications
6. CTF Player