Overview
Expleo is a trusted partner for your innovation journey. As a global engineering, technology and consulting service provider, we are ideally positioned to help you achieve your ambitions and future-proof your business. With a smart blend of bold thinking and reliable execution, we’re able to fast-track innovation through each step of your value chain.
We are strategically positioned to build value, with a global footprint across 30 countries. We are as global and local as you need us to be, with strong best-in-class pan-European technological centres and unique best-shoring capabilities.
We leverage a network of high value-adding affiliates in consulting and industrial excellence, and leading partners across multiple sectors to provide you with the most comprehensive services and solutions in an ever-changing environment.
Responsibilities
- Perform penetration tests on web applications, following the OWASP Testing Guide and OWASP Top 10 methodology.
- Apply manual and automated security testing techniques.
- Analyze and validate critical vulnerabilities, including:
  - SQL Injection
  - Path Traversal
  - Cross-Site Scripting (XSS)
  - Broken Access Control
  - Session Management Weaknesses
  - Insecure Cryptography
  - Privilege Escalation
  - HTTP Header Injection / Response Splitting
- Evaluate key areas such as:
  - Session management and authentication
  - Permission control and client code security
  - Parameter and data manipulation
  - Error and exception handling
  - Encryption and data protection
- Produce clear technical reports with actionable recommendations.
- Collaborate with developers and QA teams to mitigate vulnerabilities found.
Essential skills
- Minimum of 4 years of experience in similar roles.
- Proven experience in Web Application Penetration Testing.
- In-depth knowledge of OWASP Top 10 and security methodologies.
- Proficiency in security testing tools (Burp Suite, OWASP ZAP, Kali Linux, etc.).
- Experience with manual vulnerability analysis, in addition to automated testing.
- Good knowledge of web protocols (HTTP/HTTPS) and header security.
- Analytical skills and attention to detail.
- Fluency in English (written and spoken).
What do I need before I apply
- The candidate must already be residing in Portugal.