Vulnerability Analyst

Since its foundation in 1925, DEKRA has been ensuring the safety of human interaction with technology and the environment through a tradition of innovative thinking. This approach is something we strive to embrace, whether it's in the practical tasks our employees perform or in the community-shaping office life.
In just two years, DEKRA Nearshore Center has grown from a concept to a rapidly growing company that is a cornerstone of the parent company's global IT infrastructure.
Your contribution to achieving global safety, security, and sustainability:
  • Identify vulnerabilities or weaknesses in Internet facing assets (websites, web-applications, and services) and report them to assets owners.
  • In this position you are responsible of performing data collection in support of Attack Surface Management, identifying vulnerabilities, performing verification/validation/testing for vulnerabilities in external-facing web sites, web applications, and services; and demonstrate exploitation steps.
  • You are also responsible to assess their criticality if exploited by threat actors and to generate comprehensive reports (including detailed findings, exploitation procedures, and remediation / mitigation techniques) in order to report the vulnerability found to the asset owner.
  • The vulnerability analyst is also responsible for making vulnerability assessment for specific assets marked as critical or on demand by our internal stakeholders.
  • Identify vulnerabilities and assess technical cybersecurity vulnerabilities.
  • Evaluate risk and severity of discovered vulnerabilities.
  • Identify attack vectors, uncover, and demonstrate exploitation of technical cybersecurity vulnerabilities.
  • Document and report vulnerability report to stakeholders.
  • Ensure follow up for the remediation status including sending reminders to asset’s owners.
  • Organise test plans and procedures for vulnerability scans.
  • Document and report vulnerability assessments results report to stakeholders.
  • Develop custom tools and small utilities.
  • Conduct technical analysis and reporting, develop codes and scripts
The more points that apply to you, the more you can earn with us:
  • Owning skills with min. 3 years’ experience in the field of Cyber Security, understanding in the approach threat actors take to attacking a network, phishing, port scanning, web application attacks, DDoS, lateral movement, OWASP common vulnerabilities and testing methodologies, familiarity with common web vulnerabilities (XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws)
  • Experience with Attack Surface Management/OSINT tools and utilities (Burp Suite, Cycognito, Tenable Nessus, Shodan, Nmap, etc.)
  • Experience with one or more scripting languages such as Python, Perl, PowerShell, Bash etc.
  • Excellent written and verbal communication skills in English
  • Having higher education - University Degree or several years of relevant working experience
  • Believing that the whole is more than the sum of its parts: a.k.a. teamwork is essential to move forward
  • Being eager to share knowledge across departments and being open to acquire knowledge from others too
  • Taking education and self-development as a fundamental part of your routine
  • Thinking that a workplace is not just a place to work, but a social environment as well
In return, we are offering you:
  • A full week to onboard and get to know us – guided by your personal buddy
  • Company notebook and phone with unlimited calls and data - for personal usage too
  • Travel allowance & several cafeteria options
  • Long term career perspective ensured by a personal development plan and coaching opportunity
  • Continuous professional development: training opportunities for both hard and soft skills – Udemy, Microsoft ESI, language classes and many more!
  • We value your achievements: the annual bonus is based on your performance
  • Enjoy the fruits in the kitchen
  • Several ergonomic asset options – like walking pads for meetings or taking a break
  • Medicover health insurance (Blue Package)
  • Did we mention that the office rooftop has a running track?
  • Bilingual environment & international projects
  • Regularly organized team events
  • Charity and other CSR projects in working hours
  • We build on trust - we can provide flexible options to ensure your work-life balance
  • Brand new office with everyting you need: coffee, drinks, fruits and specific areas tailored to your needs – focus or collaboration work, phone booth, social room and many more!
  • Easy accessibility with public transport and car as well
  • Hybrid workplace: social engagement in the office and home office opportunity (2 days/week)
Place of Work: Budapest One Business Park (Budapest, XI.)
Still not convinced? Then take this as an invitation – come and see where and how we are working over a coffee or at the foosball table!

Apply for the job

Please fill the form.