Span is a Croatian IT company with a global reach specializing in high-quality information systems design and management services, as well as tech support for customers and enterprises. We're constantly improving, advancing and adopting new trends, new skills and new expertise, giving our employees virtually endless opportunities for professional development.
Red Team is working on offensive security which includes penetration testing, phishing activities, attack assessments, and vulnerability assessments. Span works for international and Croatian clients and on internal projects in Span. If you are familiar with this and want to continue to develop your career and help us build up team expertise, this is for you!
What you'll do:
- Infrastructure internal/external/wireless penetration testing projects
- Application penetration testing projects (web applications, mobile applications, thick/thin client, cloud native application, etc.) – including whitebox testing and security source code review
- Social engineering projects (phishing campaigns, spear phishing, whaling, etc.)
Because of the future projects, Red Team is developing to work on adversary simulation projects that includes:
- On site social engineering / impersonation
- Custom dropper and payload development
- Commercial and/or open- source C2 framework usage
- C2 infrastructure development and usage (C2 team servers, HTTP redirectors, SMTP relay, etc.)
What we expect:
- 3+ years experience at one of these roles Red Teamer, Red Team Operator, Offensive Security Engineer, Penetration Tester, Pentester, Security Engineer, Cyber Security Engineer, Cyber Security Analyst, Security Analyst
- Technical knowledge and desire to learn
- Communication skills - Red Team members write reports and give clients information about weak points and ways to manage them
- Experience with some of these technologies and tools: Kali Linux, Parrot OS, BlackArch Linux, Commando VM, Burp Suite, ZAP Proxy, Nessus, Qualys, Rapid7, Metasploit, commercial and/or open-source C2 frameworks, Cobalt Strike
Additional plus:
- Professional certificates in field of offensive security
- Experience with technical lectures on conferences
- Blog writing, creating content related to work
- Active Github, Gitlab profile
What's in it for you:
- Competitive salary according to your experience
- A business phone of your choice
- InHouse testing center- we are giving you an option of gaining professional certificates
- Regular feedback on your performance and personalized career development plan
- Possibility to earn different types of bonuses
- Subvention of Multisport card- not only brain workout is important
- Minimum of 25 vacation days
- Complete health checks- adjusted for men and women
- Psychological counseling- we care about your well-being
- Lunch and transportation compensations
- Benefits for children of employees
