{$ msg.text $}

Security Consultant - Web/Cloud assessment

  • Application Deadline: 2019年11月30日
  • Minato City
  • Application Deadline: 2019年11月30日
  • Minato City

You will be working as a part of an agile international team of top-class security professionals with a wide variety of skillsets, interests and specializations. As a member of the team, your work will involve performing manual security assessments for our clients in various industries, as well as helping them mitigate threats the right way. Instead of running scanners or selling security products, you will be exercising your hacker mindset and diving in deep to find and exploit those sweet remote code execution vulnerabilities and business logic flaws in places where no-one has even thought of looking before.

As an employer, we offer you a good working environment with a healthy work-life balance; opportunities for travelling abroad should you wish to do so; a lot of control over your projects and research; and finally, exciting opportunities and challenges you cannot find elsewhere: Penetration testing aeroplanes and cars, lockpicking ATMs, and social engineering into banks are a reality for us.

幅広いスキルセット、興味、専門分野を持つセキュリティ専門家チームの一員として、様々な業界のクライアントのマニュアルセキュリティアセスメントを行い、彼らが正しい方法で脅威を軽減できるように導きます。スキャナーをかけたりセキュリティ製品を売るのではなく、ハッカーマインドを使ってリモートでコードが実行される脆弱性や、他の誰も気づかないようなビジネスロジック上の間違いなどを探し出すことが求められます。

私たちはワークライフバランスや職場環境を大変重要だと思っています。海外への渡航のチャンスも希望すれば作ることができますし、リサーチやプロジェクトを自分でコントロールしたり、他ではなかなか経験できない刺激的なアサイメントに出会うことができます。例えば飛行機や車の侵入テスト、ATMのロックピッキング、そして銀行へのソーシャルエンジニアリングは私たちが日常的に行っているプロジェクトです。

Requirements:

  • A thorough understanding of common web technologies and frameworks
  • Very deep understanding and experience with web-related attacks, also beyond the OWASP Top 10
  • The ability to identify and perform testing for potential attack vectors related to business logic and access control implementation issues as well as technical flaws
  • Experience in performing web application security testing, both manually and using commonly available tools such as Burp Suite / OWASP ZAP
  • Experience in using public cloud services, such as AWS and Azure
  • Understanding and experience with Windows and Linux systems
  • The ability to review relevant parts of web application source code to supplement security testing
  • Being able to assist customers with identifying the best way to mitigate security issues

Bonus Points for:

  • Fluency in programming languages commonly used for web development

  • Experience with developing / security testing mobile applications

  • Other security-related experience, such as incident response, red teaming, or malware analysis

必須条件:

  • 日本語 - 上級、もしくはネイティブ
  • セキュリティに特化したポジション(セキュリティテスト・研究・開発)の経験
  • 一般的なセキュリティ関連の概念とテクノロジー、および攻撃と緩和策についての十分な理解
  • 一般的なIT技術とネットワーキングにおける幅広い理解と経験
  • 必要に応じてソースコードを読み、理解し、テスト作業を自動化するスクリプトを書くための最低限の能力
  • コミュニケーション能力(人とコミュニケーションをとるのが苦手でないこと)
  • さまざまな業界の顧客組織と連携するための意欲
  • 論理的思考
  • 学ぶことへの情熱

あると尚良い条件:

  • 英語 - メールなどの読解ができるレベルの
  • ソフトウェア/ハードウェア開発または品質保証の経験
  • セキュリティテストおよび/またはコンサルティングの経験
  • OSCP / OSCEなどのセキュリティ認証
  • セキュリティ関連の実地トレーニングの提供における経験と意欲
  • セキュリティカンファレンスやコミュニティイベントへの参加/プレゼンテーション
  • バグバウンティやCTFイベントへの参加経験
  • 顧客プロジェクトや会社のイベントのための出張が可能(柔軟に交渉可能)
  • ストリートファイター、クラフトビール、空手、柔道、音楽、サウナなど、何か趣味や情熱を持っていることがある

Work with great people

Javier Moreno
Senior Security Consultant
"My passion for security comes from understanding how things work. Once you do, you can control it"
Karolina Malagocka
Senior Service Marketing
"At F-Secure we see the value of each and every person"
Zuzanna Kunik
Junior Data Scientist
"As a data scientist, I love working closely to data. As an extrovert, I love working with people. In my current role I’m doing both. "
Jonas Lundberg
Global Cyber Security Solution Sales
"I feel confident in selling our services that protect our customers. It's extremely stimulating and gives me a sense of purpose"
Robert Petesic
Senior Security Specialist
"Positive atmosphere in the office and knowledgeable colleagues are pushing me to always give my best and learn more."
Ruediger Trost
Pre-Sales Manager
"After more than 11 years, I still go to the office with a smile, even if it is a Monday morning =)"
ROBERT GRZEŚKOWIAK
Lead Quality Engineer
"I chose F-Secure because it gives you a great variety of experiences that you can benefit from the security perspective. "
MACIEJ KUCHARSKI
Lead Software Engineer
"You don’t feel like working in a big company, people are open and the atmosphere is very good"
PIOTR DYBA
Manager
"Every day comes with new challenges and surprises so it is impossible to get bored, especially in my team."
HASSAN MANSOOR
Junior Developer
"In my opinion F-Secure is the best place to work in Poland especially because here you have a lot of freedom at work. "
MARCIN TAMIOŁA
Senior Systems Engineer
"Best part of my current work is to have a real influence on the direction my team and work is going in."
Tinus Green
Information Security Consultant
"The fact that F-Secure performs research driven security work is the reason I work here."
Sean Nel
Senior Software Engineer
"If you like working on cool, new stuff with lekker people"
Annike Taljaard
Associate Information Security Consultant
"With the supportive company structure, we are encouraged not just to grow, but to grow in the direction that we want."
Jaco Erasmus
Ruby Developer
"In my two years at F-Secure, It has been amazing to work for an industry-leading company with a very energetic, positive and engaging culture."
Joanna Tórz
Senior Developer, Team Leader
"Nothing beats friendly but professional atmosphere, interesting daily challenges and the culture of growth as an individual and as a Team!"

We have great benefits

  • Over 1,600 amazing colleagues in 25 countries

  • Possibility to protect the world

  • Work with best of class experts who care

  • Relaxed, open and fun working environment

  • 32+ of nationalities

  • Global with the spirit of a small company

About the company

At F-Secure, we are committed to helping people and businesses be free in the digital world, without having to worry about cyber security. Every day, our Fellows face the daunting challenge of outsmarting those that disrupt the digitalized world. A difficult task, we know, but something we all come together to do for our customers. We make the world a safer place.

Our Fellowship of people have a shared interest in being successful together and being open and honest with each other. At F-Secure, we meet each other as equals, but challenge each other’s ideas – we believe this makes us all better and creates a more secure environment for our customers.

As an F-Secure Fellow, you’ll be joining a tight knit network of over 1,600 colleagues, spread over 25 offices around the world. To us, Fellowship means that what we do together is more important what I do. At F-Secure you will be part of our Fellowship. Be who you are – bring your best self.


1988F-Secure established under the name Data Fellows

1992First public hysteria about a computer virus

2002First Antivirus for mobile phones

2009F-Secure's next step into the cloud

2010The trouble with cyber espionage

2016F-Secure aims to become the leading European cyber security company

2003It begins... MWR InfoSecurity is founded.

2006MWR publishes it's first security advisory, an early step in establishing our research-led culture

2006Our first presentation at DEFCON, the first of many successful security conference appearances

Rie Hibino | Hiring Manager

応募する
F-Secure

Minato City
Visit website