About this job

At Huld you will be dealing with meaningful projects in a cool team.

Huld is a technology design house located in Prague and Pilsen in the Czech Republic and at many sites across Finland. We are especially prominent in industries where lifecycle, quality management as well as security and safety are critical. Our team is multinational and has many years of experience from Critical Systems, Data Science, Blockchain, Machine Learning, Web Development, Digital Security, Industrial Design and IoT.

Responsibilities

We are looking for an offensive security expert / penetration tester, who will work on several projects for the public and private sectors. You will be a member of newly established digital security team in the Czech Republic.

In your daily job, you analyse customer’s system environments and products, execute system-related attack surface mapping and perform technical testing against customer’s target systems. Typical work tasks include facilitating technical threat modelling workshops, planning blackbox or whitebox testing countermeasures and finding security vulnerabilities in customer systems. You should be able to perform your work based on the customer requirements and security assessment criteria, create and run the tests and finally find and report vulnerabilities and recommendations.

Profile

As a top-notch candidate, we expect you to have:

• Passion for digital security and hands-on experiences on ethical hacking and bug bounty.
• Solid understanding of technical security, typical vulnerabilities and cyber-attack scenarios in different technologies – especially in web applications, API interfaces and cloud environments.
• Demonstrated knowledge of a variety of test methods and tools for instance BurpSuite, OwaspZAP, nmap,…
• Understanding of technical security standards and guidelines (e.g. OWASP TOP-10)
• Good understanding of system architectures and ICT infrastructure that helps you to identify dependencies of different vulnerabilities or weaknesses in a target system.
• Background in software development and coding skills (especially Python), which are regarded as a plus.
• Possibly a good rank in HackerOne or other bounty platform and perhaps an Ethical Hacker or OSCP certification in your pocket, which are regarded as a plus.

To be successful in your job, you must first and foremost have a “yes I can” attitude and ability to perform your work in a challenging and sometimes unknown environment. This position is open also for graduates or students of their last year of university.

How do we imagine you?

• You hold a university degree (B.Sc., M.Sc., Ing., Ph.D.)or You are a student of computer science, cyber security or relevant
• You are self-initiated and have good interaction and communication skills
• You are passioned about your work and latest trends and tools
• Fluent English (at the technical level)
• Industry expertise, especially from the national security sector, public administration or the social and health sector, is a plus
• Experience in software development, information systems and application development information security testing and evaluation are also considered an asset