NICE Actimize is looking for Student position – Penetration Tester
This position within the NICE-Actimize security team is one who will be responsible for support efforts to find and document security vulnerabilities through approved penetration testing efforts for the purpose of securing company Cloud services, systems, infrastructure, networks, and applications.
• Supports internal and external penetration tests, including SaaS offering, web applications, web services and network penetration tests.
• Documents the vulnerabilities, potential issues, and strengths found during test work.
• Helps with submitting tickets for remediation of vulnerabilities and potential issues found during penetration tests.
• Helps perform basic security log reviews and incident research
• Builds demonstrable knowledge of current vulnerability exploitation techniques.
• Documents team standards and procedures
• Support the company's commitment to protect the integrity and confidentiality of systems and data.
• On track to successful completion of education or experience equivalent to a Bachelor’s degree in Computer Science, Computer Information Systems, Information Security, Engineering, Math or Physical Science, or related field.
• Understanding and demonstrable willingness to learn of offensive and defensive security, including offensive evasion and defensive prevention techniques.
• Basic understanding of penetration test and security assessment procedures an advantage.
• Basic understanding of web application technologies
• Basic Perl, Python, shell, VB or other scripting language skills preferred.
• Ability to use, configure, troubleshoot, and administer Unix, Linux, Mac OSX, and Windows operating systems.
• Familiarity with Open Web Application Security Project (OWASP) Top 10 Vulnerabilities and testing procedures an advantage
• Ability to work independently and within a team environment.
• Effective written and oral communication skills.
• Ability to present findings and recommendations to peers, coworkers, and customers.
• Basic understanding of business vs technical risks