Hey! Any hackers, pentesters, or other security-minded people here looking for work? My company Sompo Digital Lab Tel Aviv is hiring! Feel free to reach out to me if it's relevant for you or someone you know.
(We're also looking for developers on the Incubation team! More info here: https://www.sdltlv-careers.com/)
------
SOMPO Holdings is the first Japanese company to establish a Cyber Center of Excellence in Israel. Our center provides cybersecurity services to its subsidiaries worldwide.
A red team service will simulate attackers to proactively detect vulnerabilities in SOMPO’s systems. Additional services include providing secure development, incident management, cyber drill activities, and testing of new cyber products.
The Cyber Excellence Center is part of the cultural change taking place at SOMPO these days to become a digital powerhouse and support the shift-left approach.
We are looking for talented red team members to join our team, hacking one of the top financial organizations in Japan.
What Will You Do?
• Determine with Sompo’s business units the scope of work.
• Plan and execute attack scenarios.
• Create reports including mitigation recommendations and technical explanations on the security issues with matching levels of risk.
• Present your conclusions to management and relevant parties, reflecting the gaps and business impact to relevant stakeholders.
• Working with the cyber startup eco-system to find innovative solutions.
Requirements
• At least 3 years of experience in cyber security where at least 2 years out of them in pentesting.
• In-depth understanding of computer systems and their operation.
• High familiarity with OWASP top 10.
• Excellent spoken and written communication in English - ability to articulate how vulnerabilities impact the business.
• Communicating methods to a technical and non-technical audience including executives.
• Vast experience in security systems in mid-large organizations.
• Exceptional analytical and problem-solving skills.
• Persistence to apply different techniques to get the job done.
• A team player who supports colleagues and shares ideas and techniques.
• Plan and execute tests while considering client requirements and limitations.
• Ethical integrity to be trusted with a high level of confidential information.
• Commitment to continuously updating technical knowledge base.
• Advantage: experienced in SDLC, threat analysis (STRIDE) and/or code review.