About the job

Company Description

Inflancer Technology is a product development company that specializes in AI, web & app development, Digital Marketing Located in Kathmandu, Nepal, our firm is dedicated to excellence and innovation in technology. With a team of skilled developers, designers, and project managers, we have a strong track record of transforming ideas into practical solutions for our clients. Our commitment to staying at the forefront of technology ensures that we consistently deliver high-quality custom software solutions to meet the evolving needs of our clients.

Job Overview: We are seeking a skilled System Security Specialist with expertise in ethical hacking and cybersecurity, particularly focused on securing web applications, backend APIs, systems, databases. In this role, you will be responsible for assessing and enhancing the security of our digital platforms through penetration testing, vulnerability assessments, and ethical hacking techniques. You will collaborate closely with our development, operations, and platform teams to ensure our systems and user interactions are protected against cyber threats.

Responsibilities:

• Conduct comprehensive penetration testing and vulnerability assessments across web applications, backend APIs, systems, and databases.
• Assess and enhance security measures for social platform user authentication protocols (e.g., OAuth, OpenID Connect) to prevent identity theft and unauthorized access.
• Evaluate and improve conversation security mechanisms to protect messaging systems, chatbots, and user interactions from eavesdropping and manipulation.
• Perform security assessments of backend APIs to identify and mitigate vulnerabilities such as injection flaws, authentication issues, and insecure direct object references.
• Assess and enhance system security measures, including server hardening, network segmentation, and access control.
• Evaluate database security controls and configurations to prevent unauthorized access, SQL injection, and data leakage.
• Identify and exploit security weaknesses to simulate sophisticated attack scenarios and provide actionable recommendations for remediation.
• Develop and implement custom security solutions and defenses to mitigate risks specific to web platforms, APIs, user authentication, and conversation security.
• Stay updated with the latest security trends, vulnerabilities, and exploitation techniques relevant to digital platforms and open platform security.
• Collaborate with cross-functional teams to integrate security practices into the software development lifecycle (SDLC) and DevOps processes.
• Provide guidance and mentorship to team members on platform security, open platform user authentication, and conversation security best practices.

Skills Required:

• Expertise in ethical hacking techniques and methodologies, with a focus on web application, API, system, database, open platform user authentication, and conversation security.
• Proficiency with penetration testing tools such as Burp Suite Pro, OWASP ZAP, Nmap, Metasploit, etc.
• Deep understanding of open platform user authentication protocols (e.g., OAuth, OpenID Connect) and best practices for securing user identity and access.
• Knowledge of conversation security principles and techniques to protect messaging systems, chatbots, and user interactions.
• Experience with system hardening techniques for servers (Linux, Windows), network devices, and virtualization platforms.
• Strong scripting and programming skills (e.g., Python, PowerShell, SQL) for automation, tool development, and data analysis.
• Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Experience with security assessment and reporting tools.
• Familiarity with regulatory requirements and compliance standards (e.g., GDPR, PCI-DSS).

Preferred Skills:

• Industry certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), CISSP (Certified Information Systems Security Professional), or similar.
• Experience with cloud security (e.g., AWS, Azure, Google Cloud) and container security (e.g., Docker, Kubernetes).
• Knowledge of secure coding practices and code review techniques.
• Background in incident response and digital forensics.
• Active participation in security research and community contributions.

Education and Experience:

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Minimum of 1 years of experience in web application security, backend API security, system security, database security, open platform user authentication security, and conversation security.

Why Join Us:

• Opportunity to work with cutting-edge technologies in a dynamic and collaborative environment.
• Competitive salary and benefits package.
• Career growth and development opportunities.
• Make a significant impact by securing our digital platforms, user interactions, and sensitive data against advanced cyber threats.

Application Process: To apply, please submit your resume and a cover letter outlining your experience and interest in this position or mail to [email protected]