WHAT IS TELEFONICA CYBERSECURTY & CLOUD TECH?
We are the leading company in digital transformation and the cradle of talent in Cybersecurity and Cloud.
Innovation and continuous learning define us. We look for new ways of doing things, fresh and innovative ideas, experimenting, having fun and being enthusiastic in what we do. We are techies and we want to improve the world by making it more diverse, sustainable, and cyber-safe.
We would like to be defined as the ones that like to work as a team, rowing in the same direction and with common goals, with a brave attitude and without fear of change, counting on the best and seeking excellence in what that we do, open and transparent in our processes.
As an Information Security Expert, the Penetration Testers or Ethical Hackers Role is designed to hack into an organization’s IT environment by simulating cyberattacks and find security flaws and vulnerabilities in their people, processes, systems, and products and report them to the company before malicious hackers can exploit them against the company. The candidate must have strong technical knowledge and skills on how to locate and take advantage of the IT environment weaknesses.
YOUR DAY-TO-DAY WORK…
· Perform and variety of security functions aimed to find IT environment flaws and vulnerabilities in a controlled approach.
· Identify the latest updates and security risks and assess how to respond to threats and treat them, and various auditing and penetration testing skills.
· Establish a baseline of security readiness and response to modern-day security threats.
· Ability to discover weaknesses in the organization’s network infrastructure and assist in the effective combat of cyber-attacks.
· Execute on the latest techniques used against the expanded attack surfaces.
· Plan and scope a penetration testing engagement, perform pen-testing using correct techniques, tools, and then analyze the outcomes.
· Understand the compliance and legal requirements.
· Produce a written report containing proposed remediation techniques.
· Identify Regulatory compliance considerations, location restrictions, rules of engagement, background checks of penetration testing teams, DNS lookups, open-source intelligence, enumeration, fingerprinting, scanning methods, attack methods, injection attacks, report audience, data structures among others.
· Perform a significant penetration test on the Company’s network environment.
· Perform attacks, exploits and determine which evasion and defense mechanism could be set in place.
· Pentest IOT systems, OT systems, write own exploits, build your own tools, conduct advanced binaries exploitations, double pivot to access hidden networks, if any.
· Offensively used the tactics, tools, and techniques to access data and information for the organization internally and externally.
· Adhere to ethical security behaviors for understanding the attack methodology.
· Ability to write own custom codes.
· Understand network security in depth.
· Conduct offensive penetration testing that helps to reveal all the essential loopholes that can trigger an attack.
· Perform and know a range of tools, techniques, and skills necessary to attack IT systems to reveal vulnerable areas that require more robust protection.
· Identification, prevention, and mitigation of vulnerabilities leading to attacks.
· Mimic the mindset of a hacker and abuse/ violate IT systems and Infrastructure that are vulnerable to a possible future cyber-attack / threat.
· Build a robust upskilling process to mitigate cyber-attacks.
· Abusing/ violating IT sensitive Infrastructure and security systems to detect loopholes.
· Hunting/ Finding vulnerabilities in IT systems to counter possible future threats.
· Learning to mimic the offensive hacker mindset and approach to IT abuse/ offense.
· Create dynamic attack environments to perfectly analyze and assess a possible attack.
AND FOR THAT, WE THINK IT WOULD BE IDEAL FOR YOU TO HAVE...
What interested us the most?
· Systems Administration
· Network Administration
· IT Audits and Penetration Testers
· Ethical Hacking
· Web Management
· IT Security Analysis
· Application Security Vulnerability Analysis
· Network Server Administration
· Firewall Administration
· Risk Assessment
· Security Consultancy
· Security Audits
· Security Architecture
· Security Systems Engineering
· Compliance, Privacy and Risk Management
· Vulnerability Management
· IT Security
· CompTIA Security+
· Certified Ethical Hacker (CEH)
· CompTIA PenTest+
· Certified Penetration Testing Professional (CPENT)
· Offensive Cyber Security Engineer (OCSE)
· Offensive Security Certified Professional (OSCP)
· Spanish– professional, competent
· English -Advance or Native with excellent written and verbal
We have offices in Bogotá. This position is flexible as it permits the role to work remotely in your home, so you can be in any city in Colombia.
Si tienes acceso a SkillsBank, ¡no olvides completar y actualizar tu perfil de habilidades para que desde el área de People podamos conocer mejor tu perfil e identificar tu encaje con la posición!
Nuestro proceso está diseñado para evaluar cuidadosamente las habilidades, capacidades e intereses de cada candidato en relación a cada vacante. Contactaremos contigo en caso de que tu candidatura avance en el proceso. Podrás realizar un seguimiento de tu solicitud en el mosaico Carrera profesional o desde el menú principal > Carrera Profesional > Solicitudes de empleo.