Logo French Tech Logo French Tech

Senior mobile application penetration tester - eShard

CDI
En savoir plus
Société :
eShard
Contact :
Publié le :
9 décembre 2021
Type :
  • CDI
Compétences :
penetration tester
Poste à pourvoir à partir de :
10 janvier 2022
Votre mission

Hello! 👋 Are you curious, passionate and have a taste for challenges? Do you wish to develop your strategy skills in an innovative and multinational environment?

We are a technology startup specialized in cybersecurity – everything from mobile applications to connected devices. Our role is to provide our customers, developers and users of connected objects, the means of controlling cyber risk and ensuring their products are at the correct level of protection.

For that, we have assembled a great team of specialists, and you could be one of them!

📌 We are looking for a Senior mobile application penetration tester

📅 Desired start date: ASAP.

📍 The position is based in Pessac (Bordeaux).

> You are perfect for us, if:

  • You have experience in reverse engineering and/or malware analysis and in reversing Android/iOS applications
  • You have experience with DBI (like Frida)
  • You have experience with bypassing client-side protections (root detection, hooking detection, etc.)
  • You have experience in reversing heavily obfuscated applications (Java, C/C++, Swift, ObjC preferably)
  • You have experience in reversing cryptographic mechanisms (secure storage, etc.)
  • You have in-depth knowledge in OS and security mechanisms (system calls, sandboxing, secure enclave, etc.) and in AARCH64 assembly code
  • You have the ability to use Vulnerability assessment tools skillfully
  • You are accomplished in at least one programming language
  • You have a solid understanding of exploit code
  • You love development in the following languages: Python
  • You have good spoken and written communication to explain your methods to a technical and non-technical audience (French & English) to be able to support our French and English speaking customers
  • You have the sense of attention to detail, to be able to plan and execute tests while considering client requirements
  • You have the ability to think creatively and strategically to penetrate security systems
  • You have good time management and organisational skills to meet client deadlines
  • You have ethical integrity to be trusted with a high level of confidential information
  • You have the ability to think laterally and ‘outside the box’
  • You enjoy teamwork to support colleagues and share techniques
  • You have exceptional analytical and problem-solving skills
  • You work in a proactive manner and make sure that everyone is engaged and works well together. You take initiatives to make sure eShard core values are enforced and consistent with the different actions and to build a strong team spirit.

> What will you do?

Our team of experts constantly work on various topics, such as hardware instrumentation, cryptography analysis and reverse engineering of mobile applications etc.

When they come to you in order to work on vulnerability assessment activities of mobile applications, you jump into your role and conduct penetration testing. You like exchanging with the experts to see how our/eShard services can be improved to provide excellence towards our customers.
As part of our roadmap, you and the team will develop meaningful metrics to reflect the true security posture of the environment, allowing the customer to make educated decisions based on risk. For this, you closely work with the Service Leader who provides guidance and expertise to produce actionable penetration testing reports.
You act as a source of direction, training, and guidance for less experienced staff. You are in charge of performing security design reviews and secure code reviews. During efficient and crisp meetings with the team, you look for ways to exploit vulnerabilities and design solutions to take remedial action. You are also responsible to do research with the aim to break the most recent security frameworks for mobile applications.
You are in charge of developing test modules for our SaaS mobile security testing platform (esChecker). In doing so, you also contribute to Open Source projects.
You will work either remotely or from our office in Pessac, France; it’s important to have a place of work to meet and hang out. Parts of a project may require interacting with customers all over the world. Our office culture is highly technical, our organisation fairly flat and our mindset flexible.

> Benefits

  • Competitive compensation package
  • Flexible working hours, remote-friendly environment
  • Strong focus on personal development
  • High performance office equipment
  • Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Meal Vouchers
  • Annual company outing plus snacks and drinks

Interested? Contact us by sending your CV HERE