Test Automation and Penetration Tester – Arifu

Job Description:
The Test Automation and Penetration Tester will report directly to the the Head of Quality Assurance and be responsible for:
Conducting penetration testing exercises on intranet, internet, and web
Conducting simulated attacks which replicate real-world exploitation techniques/scenarios
Analysing data related to security vulnerabilities
Generating reports on findings, risks and recommendations
Working closely with technology teams to develop and implement relevant solutions
Perform system, network and web application penetration tests regularly as per the schedule and any ad hoc request comes
Perform black, gray and white-box Web Application and Web Service penetration testing.
Designing and developing test automation scripts.
Develop and lead the automation strategy/effort and generate scripts to perform automated testing cycles using Selenium & Appium
Design, Execute and analyze automation test scripts & test results for Web applications, iOS, Android & Windows Phone apps
Using test automation guidelines.
Researching issues in software through testing.
Collaborating with QA Analysts and Software Developers to develop solutions.
Keeping updated with the latest industry developments.

Qualifications:
A desire to impact lives, the ability to make a long-term commitment to your team and the product and exceptional problem solving abilities are all essential prerequisites on the Arifu team. For this role, we’re also looking for someone with the following:
Bachelor’s Degree in Information Technology, Information Security or related field required
Relevant certifications such as OSCP (Offensive Security Certified Professional) and OSCE (Offensive Security Certified Expert)
4+ years of experience in penetration testing and 3+ automation
Experience with networking, network protocols, and security infrastructures
Familiar with penetration testing methodologies and standards (e.g. NIST, CIS, OSSTMM)
Technical background and an understanding of the mobile apps & eco-system
Good development/scripting skills in common languages which are Web-driver compatible language such as Java, Objective-C, JavaScript with Node.js, PHP, Python, Ruby, C#, or Perl with the Selenium WebDriver API and language-specific client libraries.
Good experience with different Mobile Operating Systems (iOS, Android, Windows Phone)
Expertise in bypassing / breaking authentication protocols (Enumeration, Brute-force, breaking application configuration parameters, etc.)
Expertise in web session management. Testing of web servers logic and interfaces
Expertise with Data Validation for Web Applications to test against vulnerabilities (e.g., ref. OWASP) such as XSS, injections (LDAP, SQL, HTML), overflows, etc.
Creative thinker with an understanding of what can really work in a distributed and complex environment.
Strong understanding of Windows and Linux environments and networking
Ability to collaborate effectively as part of a team, as well as work independently with minimal supervision
Ability to interact successfully with both technical and non-technical stakeholders
Fluency in English and Swahili required;
Ability to handle the chaos of a fast-paced startup work culture and a willingness to take on additional tasks and support the work of other team members as necessary to achieve collective goals.
Ability to write scripts/tools as required by the job
Ability to work with minimal day-to-day direction and must be personally motivated to continually learn new, emerging technologies.

Compensation and Benefits:
First and foremost, we care about your success. Investment in our team members is the only driver of Arifu’s success. We offer competitive compensation packages including participation in the Arifu Rewards Program. We also offer a comprehensive health insurance package and will cover the cost of a work permit for foreign staff. Other benefits include monthly airtime allowance, extra leave, a stocked kitchen for breakfast and snacks, monthly phone credit, and plenty of ping-pong and foosball among other extra-curricular activities.

Method of Application
Send your CV to talent@arifu.com with “Penetration Tester” in the subject and tell us what excites you about this role. If we see a good fit, we’ll get back to you to set up a first conversation. Please note that due to the volumes of applications received, only shortlisted candidates will be contacted.

[yuzo_related]