Penetration Tester - Cloud security

Security Guard • Marseille

Dernière mise à jour: il y a 6 heures

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée
• Nouvelle offre

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

• Offre sponsorisée

Important : this is a freelance opportunity

Company Description

Cyvex.io is a French startup dedicated to cloud security. They assist companies in securing their cloud environments, containers, SaaS applications, and multi-cloud deployments from configuration to production. Cyvex.io offers personalized audits, cloud-native pentests, and in-depth analyses of Terraform, Kubernetes, and SaaS infrastructures.

Role Description

This is a full-time remote role for a Penetration Tester - Cloud Security at Cyvex.io. The Penetration Tester will be responsible for conducting pentests on cloud and hosted applications, assessing cloud security posture, auditing SaaS security, and evaluating container and Kubernetes security. They will also perform Infrastructure-as-Code audits and support clients in securing their cloud environments.

Qualifications

• Experience with cloud security (AWS, Azure, GCP).
• Application Security and Red Teaming expertise
• Cybersecurity knowledge
• Experience in conducting penetration tests and security assessments
• Familiarity with regulatory compliance
• Strong problem-solving and analytical skills
• Relevant certifications (e.g., OSCP, OSCE, GIAC).
• Ability to work independently and remotely
• Bachelor's or Master's degree in Computer Science, Information Security, or related field

Requirements

• 3–5 years of experience in penetration testing, focusing on cloud, web applications, APIs, and mobile apps.
• Proficiency with tools such as for cloud audit and webapp penetration testing
• Strong understanding of OWASP Top 10 (Web, API, Mobile) and other security frameworks.
• Experience testing authentication mechanisms, including OAuth, JWT, SAML, and API key-based authentication.
• Familiarity with GraphQL security testing and API fuzzing techniques.
• Strong written and verbal communication skills for client reporting and presentations.
• Ability to translate technical risks into business impact for clients.
• Ability and willingness to perform network and wireless penetration testing and social engineering when required.

If you feel that your qualifications, talents, and values align with our culture, we welcome you to apply by submitting your resume today or send us an email on [emailprotected]