At Quantox, we grasp the challenge, target the essence, and make it possible. With leading technology as a tool and our people as the biggest power force, we believe in creating advanced results – joining tech, creativity, and data analytics with a thorough approach. Merging deep interest in software web development with qualitative insights and clear purpose gives us a better understanding of our clients and users and the opportunity to unlock creative power in delivering innovations.
Join our team and be part of a dynamic and innovative journey. At Quantox, we believe in a comprehensive, problem-solving approach that combines knowledge and leading technology to provide our clients and users with smart, optimized solutions and practices. If you're ready to contribute to this mission, we invite you to join us in the position of:
Cyber Security Specialist
You can expect from us:
- Private health insurance
- Flexible working hours
- Additional paid days off
- Organized visits & participation in conventions and conferences (both in and out of country)
- Networking and sharing experience with fellow colleagues through Meet-ups in on a regular basis
- Paid mentorship program - if you see a higher value and joy of mentoring less experienced colleagues
- Boost of team connection through employee gatherings and team building activities
- Discount for your family members on Quantox IT Academy courses
Requirements and what you can expect form this role:
- At least 3 years of experience in Cyber Security.
- Conduct comprehensive web application security assessments and penetration tests on a variety of web applications, APIs, and mobile applications to identify vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and business logic errors.
- Utilize a combination of manual testing techniques along with automated security scanning tools (e.g., Burp Suite, OWASP ZAP, Nessus, Qualys) to thoroughly assess applications for security weaknesses.
- Develop and execute test plans, scenarios, scripts, or procedures for web security testing, including both authenticated and unauthenticated testing, and segmented by user role.
- Stay updated with the latest security threats, techniques, and tools; continuously enhance knowledge through research, and apply this to testing methodologies.
- Work closely with development and product teams to effectively communicate findings, provide clear, detailed, and actionable feedback, and recommend remediation strategies.
- Conduct re-tests to validate the resolution of any identified vulnerabilities and ensure that patches or fixes have been implemented correctly.
- Create detailed reports and documentation outlining the findings from penetration tests, including an executive summary that clearly communicates risk levels, technical details, evidence, and recommendations for mitigation in a format understandable by both technical and non-technical stakeholders.
- Participate in security incident response activities and investigations as required, providing expert advice on containment, mitigation, and prevention strategies.
- Contribute to the development and refinement of security testing methodologies and best practices within the organization.
- Mentor and guide junior security analysts or testers, sharing knowledge and best practices in web application security and penetration testing.
- Continuously monitor and assess new security tools, technologies, and practices for potential adoption to enhance the security testing framework.
Note: This role requires hybrid work model - 2 days from home and 3 days from the office (Belgrade).
Click the apply button and join us in redefining the way businesses connect, engage, and thrive.