Access Softek
Innovative, Intuitive, and Integrated digital banking software for financial institutions.
Mobile Banking • Mobile Locator • OFX Server • Funds Transfer • Online Banking
201 - 500
Mobile/Web Security Tester
March 7
Access Softek
Innovative, Intuitive, and Integrated digital banking software for financial institutions.
Mobile Banking • Mobile Locator • OFX Server • Funds Transfer • Online Banking
201 - 500
Description
• Join Access Softek, an innovative software company revolutionizing digital banking with our cutting-edge online and mobile banking solutions • Commitment to innovation through mobile-first technology, machine learning, and AI • Conduct rigorous penetration tests across web and mobile banking platforms to identify vulnerabilities and improve cybersecurity measures • Full-time remote position • Conduct comprehensive penetration tests on mobile and web applications to identify vulnerabilities • Collaborate with technical and management personnel on security assessment life cycle • Provide remediation suggestions for disclosed issues • Conduct security testing in line with QA methodology and software development technologies • Develop custom scripts for assessment purposes using Python, Bash, PowerShell, or JavaScript • Manage and contribute to planning, coordination, and successful completion of security engagements
Requirements
• At least 1 year of practical proven experience in penetration testing • Ability to evaluate Web/Mobile application requirements, processes, and technologies • Experience in security testing of iOS and Android applications based on different technologies (Objective C, Java) • Experience in security testing of Web Services (SOAP, RESTful, GraphQL) • Experience in different vulnerability scanners (MobSF, Qark, AndroBugs, OWASP ZAP, Burp Suite etc.) • Experience with exploitation tools and frameworks such as ADB, idb, Frida, Xposed, and Inspeckage • Understanding of mobile security testing process (e.g. OWASP Mobile Security Testing Guide, OWASP MASVS) • Good understanding of the TCP/IP protocol stack, encryption methods, and their implementations, including symmetric vs asymmetric cryptoprotocols and SSL/TLS protocols • Solid knowledge of web services implementation (nginx, IIS/ ASP.net, .NetCore, javascript), including HTTP/HTTPS and WebSocket protocols • Knowledge of key InfoSec principles, standards (ISO/IEC 27001-27002, PCI DSS), and governance frameworks • Strong analytical skills to assess security vulnerabilities and execute penetration tests effectively • Nice to have: Experience in AWS services and AWS-serverless stack • Certification in the security field • Understanding of and practical experience in the security audit process, meeting fintech security compliance requirements (PCI DSS) • Previous experience as a software engineer or knowledge of software development methodologies • Experience in security testing of network infrastructure • Experience in the development of security-related documentation
Benefits
• Fully remote work • Home office equipment (computer, additional monitor, etc.), if necessary • Internet compensation (50$ per month) • Long-term employment • Paid vacation and days off on national holidays • Paid sick leave and internal medical insurance policy • English at special corporate rates • Community of practice, regular knowledge sharing among colleagues • Friendly and easy-going international team and colleagues
Apply Now
