דרושים בחברת קומסק

נמצאו 3 משרות
*המשרות באתר מיועדות לנשים וגברים כאחד
Comsec is hiring a PCI Security Consultant.
PCI DSS is a detailed and strict standard, published by the PCI SSC, intended to secure credit card data, both at rest and in transit.
PCI DSS also examines information security management as well as secure development processes within the organization or the scoped environment.
PCI DSS applies to entities that store, process or transmit cardholder data and also to entities that might affect the security controls of such environments, for example hosting providers, managed service providers, or remote SIEM/SOC service providers.
Comsec is hiring a PCI Security Consultant.
PCI DSS is a detailed and strict standard, published by the PCI SSC, intended to secure credit card data, both at rest and in transit.
PCI DSS also examines information security management as well as secure development processes within the organization or the scoped environment.
PCI DSS applies to entities that store, process or transmit cardholder data and also to entities that might affect the security controls of such environments, for example hosting providers, managed service providers, or remote SIEM/SOC service providers.
דרישות:
5 years proven on Linux system / Devops (hands-on)
CISSP / CISM - mandatory
Knowledge with AWS / AZURE - an advantage
Familiarity with the container environment - an advantage
Self-study ability 
Autonomous work ability
Multitasking 
Familiarity with PCI DSS - an advantage
Information Security - an advantage

מיקום המשרה: מרכז, שרון
סוג משרה: משרה מלאה
תאריך עדכון: 14/11/2019
קוד משרה: JB-00261
Comsec is hiring Senior Cyber Security Architecture, Applications
The Senior Consultant will lead the team and conduct ongoing Application Architecture design for our customers.
Comsec is hiring Senior Cyber Security Architecture, Applications
The Senior Consultant will lead the team and conduct ongoing Application Architecture design for our customers.
דרישות:
3 years of proven experience in the field of Application Security- mandatory.
Proven Knowledge in Security Components and Application Infrastructure such as: Authentication, Authorization, Cryptography)  - mandatory.
Extended experience in Design Review/ Application Architecture- mandatory.
Knowledge in SSDLC - mandatory. 
Experience in Threat Modeling, and features writing- advantage. 
Excellent verbal and written English
Excellent writing, communication and leading skills.
Knowledge of programming: .net, Java Script, Python.
Independent learning & management capabilities
Multi-tasking capabilities
מיקום המשרה: מרכז, שרון
סוג משרה: משרה מלאה
תאריך עדכון: 14/11/2019
קוד משרה: JB-00257
Comsec is Looking for a motivated individual who is able to learn and research new technologies and vulnerabilities. As a member of the offensive security team, you will be tasked with various different projects including unordinary and proprietary systems. The role requires the ability to perform “by-the-book” penetration tests, but also to research a technology and find potential security vulnerabilities in proprietary systems.
The workflow includes conducting Infrastructure Penetration Tests and Red Team engagements – Performing intelligence gathering, planning and exploitation of various technologies and resources.
Leading application Penetration Tests and architecture reviews.
Conducting offensive security operations such as Phishing, Social Engineering simulations and DDoS.
Comsec is Looking for a motivated individual who is able to learn and research new technologies and vulnerabilities. As a member of the offensive security team, you will be tasked with various different projects including unordinary and proprietary systems. The role requires the ability to perform “by-the-book” penetration tests, but also to research a technology and find potential security vulnerabilities in proprietary systems.
The workflow includes conducting Infrastructure Penetration Tests and Red Team engagements – Performing intelligence gathering, planning and exploitation of various technologies and resources.
Leading application Penetration Tests and architecture reviews.
Conducting offensive security operations such as Phishing, Social Engineering simulations and DDoS.
דרישות:
Attacking domain environments and performing Red Team engagements:
OSINT, passive and active reconnaissance
Attack planning and execution – Exploiting public facing services, phishing, social engineering, etc.
Payload development
Privilege Escalation
Lateral Movement
Persistence
NAC bypass techniques

Experience in application penetration testing:

Cross-Site Scripting
Cross-Site Request Forgery
SQL Injection
XML External Entities
Server Side Request Forgery
Remote Code Execution
Uploading Web Shells
Deserialization and Object Injection
מיקום המשרה: מרכז, שרון, ירושלים, דרום
סוג משרה: משרה מלאה
תאריך עדכון: 14/11/2019
קוד משרה: JB-00260