Security Researcher SR

Security Researcher SR

At Onapsis we specialize in researching and developing IT security solutions to protect critical business applications, such as SAP and Oracle, of the world's largest companies and organizations.

About the tribe:

• Founded in 2009, with the room of one of our founders as the first office in Argentina, we became a company with a global presence with headquarters in Boston, and regional offices in Buenos Aires and Heidelberg.
• Our clients represent 20% of Fortune100 companies.
• We are migrating to the cloud, respecting high levels of quality.

We pride ourselves on our inclusive culture and work as a team relying on all members of the tribe to succeed together. We are waiting for you to add value, learn and share your ideas (the crazier the better!). Help us hack everything that works ... and make it better.

For our US Office, we are looking for an experienced, passionate and creative Security Researcher to join our Offensive Security team.

Key activities and responsibilities:

• Research on security vulnerabilities in ERP systems and business-critical applications.
• Perform consulting Ethical Hacking services over ERP systems and business-critical applications.
• Develop attack detection rules for Onapsis Security Platform.
• Write papers, blog post and new materials to be published in Onapsis website.
• Assist to international conferences to present the outcome of Onapsis´ research
• Hold trainings on how to assess and defend ERP Applications. 

Required skills and aptitudes:

• Student or college graduate in the field of computer science or engineering.
• 4+ years of relevant work experience in information security.
• Fundamental understanding of network protocols and packet analysis (wireshark,  tcpdump, etc.)
• Experience coding/scripting in one or more general purpose languages including but not limited to Python.
• An understanding of the Linux operating system.
• Problem solving capabilities.
• Advanced English skills.
• Knowledge in penetration testing and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks and more.
• Knowledge of the OWASP Top 10 and CWE Top 25.

Desired skills and aptitudes:

• Experience in customer support, basic troubleshooting.
• Experience reading ABAP code is a plus.
• Self-motivated and results-oriented.
• Excellent interpersonal and communication skills.
• Availability for traveling (eventually, mainly to US and Europe).

#LI-RG1
#LI-Remote