Description
As a Lead Ethical Hacker at EPAM, you will play a crucial role in ensuring the security and integrity of our clients' digital assets. You will lead a team of ethical hackers and collaborate with cross-functional teams to deliver comprehensive security assessments and penetration testing for a prestigious international client of ours based in Qatar.
Join a team dedicated to delivering exceptional security services: together, we can make a positive impact and safeguard digital ecosystems from emerging security threats.
Responsibilities
- Conduct application security assessments, penetration testing, and ethical hacking activities on our software applications, web services, APIs, and network infrastructure
- Identify vulnerabilities and security weaknesses in applications and systems, including but not limited to OWASP Top 10 vulnerabilities, authentication and authorization flaws, input/output validation issues, and security misconfigurations
- Perform comprehensive manual and automated security testing using industry-standard tools and methodologies, such as Burp Suite, Nessus, Metasploit, and Nmap
- Develop and execute penetration testing plans, scripts, and methodologies to simulate real-world attack scenarios
- Collaborate with development teams to provide guidance on secure coding practices, vulnerability remediation, and security best practices
- Document and communicate assessment findings, including detailed reports, risk assessments, and recommendations for remediation
- Stay up-to-date with the latest security vulnerabilities, attack vectors, and industry best practices in application security and ethical hacking
- Participate in security incident response and forensic investigations, as needed
- Collaborate with cross-functional teams, including software developers, system administrators, and network engineers, to ensure the implementation of effective security controls
Requirements
- Proven experience as an Application Security Assessment, Penetration Testing, or Ethical Hacking Specialist, with hands-on experience in conducting security assessments and penetration testing
- Strong knowledge of web application security principles, secure coding practices, and common vulnerabilities (OWASP Top 10) and mitigation techniques
- Experience with penetration testing tools and frameworks, such as Burp Suite, Nessus, Metasploit, Nmap, or similar tools
- Familiarity with scripting languages (e.g., Python, Ruby, PowerShell) for developing and automating security testing scripts
- Understanding of network protocols, operating systems, and network security concepts
- Knowledge of cloud security and containerization technologies (e.g., AWS, Azure, Docker) is a plus
- Familiarity with secure software development lifecycle (SDLC) practices and methodologies
- Relevant certifications, such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Penetration Tester (GPEN), are highly desirable
- Strong analytical and problem-solving skills, with the ability to think creatively and apply critical thinking to uncover security vulnerabilities
- Excellent communication and interpersonal skills to effectively communicate technical findings and recommendations to technical and non-technical stakeholders
We offer
- Competitive compensation depending on experience and skills
- Opportunity to work on leading-edge platforms in a fast-paced, agile software engineering culture
- Knowledge-sharing with colleagues from EPAM's global tech communities
- Unlimited access to LinkedIn learning solutions
- Regular performance feedback and salary reviews
- Opportunities for professional growth
- Annual discretionary bonus
- Annual air travel tickets for expatriates
- End of service gratuity
About EPAM
- EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
Additional
- You will be working on site, from our client's office in Doha
- The working schedule is 5 days a week, from Sunday to Thursday (in Qatar, the weekend is Friday to Saturday)
- Formal business attire is required
- Please be mindful that local labor law regulations will apply to annual paid leave and sick leave