At EG, we develop software for our customers so they can focus on their profession.Our industry-specific software is built by peers from the industry, and backed by the scale of EG for stability, innovation, and security.We are committed to advancing industries by tackling big challenges such as resource use, efficiency, and sustainability.
We are a thriving global workforce of 3000+ employees, with a 850+ strong team based in Mangaluru, India. We have a people first culture fostering innovation, collaboration and continuous learning
Join us in creating software that works for people, not software that makes people work. Visit our career page to meet some of your future colleagues, explore our culture, and watch our video "We Make a Difference".Learn more about EG here.
About the team:
We’re looking for a Junior Penetration Tester/Penetration Tester with 2+ years of experience to join our Cyber Security team in Mangalore.
We think that security can be an exciting journey. With constantly evolving threat landscape and new technologies around, our success depends on our creativity in identifying new ways of securing what matters most to us. If you like to
work smart, be creative, deliver results, develop yourself, act as a team player, and really enjoy cybersecurity
, you will fit perfectly for our team. Working with us will allow you to cooperate in very good atmosphere with motivated, multinational team and gain experience with leading security solutions. You will be responsible for your part of our security playground and have perspectives to grow your team in the future.If it sounds good to you, join our boutique team of experts developing cybersecurity in diverse organizations supporting a wide spectrum of public and private entities by delivering them specialized IT solutions.
Responsibilities:
You will have a chance to grow together with us and actively participate in the process of building security services and competencies.You will work on both improving security of our EG environment, as well as products for our customers.We are looking for new team members with aim to drive and develop our penetration testing services who can support us with at least some of the following topics:
- Penetration tests of applications (mostly web & mobile) and defining security improvements
- Penetration tests of cloud & IT infrastructure and defining secure architecture and hardening standards
- Testing and implementing new security testing tools & solutions (DAST, vulnerability scanners, external attack surface Management, cloud security posture management,)
- Configuration reviews of applications, cloud & IT infrastructure
- Continously improving the penetration testing methodology and test delivery model
- Advising IT teams and business on security topics and remediation actions
- Automating security testing activities
- Conducting security training for IT and business
Your workday, your tasks and mandatory skill set:
The key skills which can allow you to succeed in this role:
- Ability to perform web & mobile application or infrastructure penetration testing.
- Understanding security concepts in cloud, network, operating systems (Windows, Linux, MacOS), databases, virtual environments, Active Directory.
- Ability to manage penetration tests and deliver high quality results.
- Practical knowledge of penetration testing tools (e.g. Burp, Kali Linux, vulnerability scanners) and pentesting methodologies.
- Knowledge of system hardening best practices, access management and vulnerability management principles.
- Understanding of secure architecture concepts, secure SDLC principles and security good practices.
- Knowledge of NIST Cybersecurity Framework, CIS Controls, MITRE ATT&CK and OWASP recommendations and other security good practices.
At the beginning, we do not expect that you will have all these skills. It is enough that you are motivated to gain them.
Required Skills:
- B.Sc. or M.Sc. in cybersecurity, IT, telecommunications, or similar.
- The ideal candidate should have at least 3 years of experience in penetration testing.
- Security certifications like: OSCP, OSWE, CEH, LPT, GWAPT, GPEN, GXPN, CISSP, CCSP, CISM, PenTest+ or others are a plus.
- Knowledge of penetration testing tools (Burp, Kali Linux, vulnerability scanners)
- Knowledge of security testing solutions like vulnerability scanners, SAST, SCA, DAST, CSPM and attack surface management solutions are a plus.
- Good verbal and written communication skills with the flavour of leadership and time management skills.
What can you expect from us
:
- A professional, innovative, and business-driven environment with exposure to real-world problems and large-scale cybersecurity solutions.
- Work with super-talented and committed colleagues in a culture of collaboration, curiosity, and continuous learning.
- Flexibility to experiment and ownership to implement ideas that matter.
- Extensive opportunities for personal and professional development through our learning academies.
- A strong focus on employee well-being, inclusion, and best-in-class benefits.
