Arifu – Test Automation and Penetration Tester.

About Arifu:

Our product is a smart chatbot making it possible for anyone to access the information and opportunities they need from the organizations they trust over any mobile phone. With Arifu, people seeking to learn can freely chat with Arifu using interactive SMS or smartphone chat apps to master new skills, discover a world of free educational content, and earn rewards from our partners whether or not they have internet or airtime. The Arifu chatbot delivers personalized content designed in-house in close collaboration with our partners such as financial service providers, mobile operators, agribusinesses and NGOs. Our partners use Arifu to engage, train, and capture data on mass market and hard-to-reach people across their value chains, especially low-income customers and informal retailers and suppliers. Currently serving over 1,000,000 learners in Africa together with clients such as Mastercard, Safaricom, KCB, and the UN, Arifu has demonstrated results increasing people’s income and access to impactful products and services while creating shared value for partners.

Job Description: 

The Test Automation and Penetration Tester will report directly to the the Head of Quality Assurance and be responsible for: 

• Conducting penetration testing exercises on intranet, internet, and web
• Conducting simulated attacks which replicate real-world exploitation techniques/scenarios
• Analysing data related to security vulnerabilities
• Generating reports on findings, risks and recommendations
• Working closely with technology teams to develop and implement relevant solutions
• Perform system, network and web application penetration tests regularly as per the schedule and any ad hoc request comes
• Perform black, gray and white-box Web Application and Web Service penetration testing.
• Designing and developing test automation scripts.
• Develop and lead the automation strategy/effort and generate scripts to perform automated testing cycles using Selenium & Appium
• Design, Execute and analyze automation test scripts & test results for Web applications, iOS, Android & Windows Phone apps
• Using test automation guidelines.
• Researching issues in software through testing.
• Collaborating with QA Analysts and Software Developers to develop solutions.
• Keeping updated with the latest industry developments.

Qualifications: 

A desire to impact lives, the ability to make a long-term commitment to your team and the product and exceptional problem solving abilities are all essential prerequisites on the Arifu team. For this role, we’re also looking for someone with the following:

• Bachelor’s Degree in Information Technology, Information Security or related field required
• Relevant certifications such as OSCP (Offensive Security Certified Professional) and OSCE (Offensive Security Certified Expert)
• 4+ years of experience in penetration testing and 3+ automation
• Experience with networking, network protocols, and security infrastructures
• Familiar with penetration testing methodologies and standards (e.g. NIST, CIS, OSSTMM)
• Technical background and an understanding of the mobile apps & eco-system
• Good development/scripting skills in common languages which are Web-driver compatible language such as Java, Objective-C, JavaScript with Node.js, PHP, Python, Ruby, C#, or Perl with the Selenium WebDriver API and language-specific client libraries.
• Good experience with different Mobile Operating Systems (iOS, Android, Windows Phone)
• Expertise in bypassing / breaking authentication protocols (Enumeration, Brute-force, breaking application configuration parameters, etc.)
• Expertise in web session management. Testing of web servers logic and interfaces
• Expertise with Data Validation for Web Applications to test against vulnerabilities (e.g., ref. OWASP) such as XSS, injections (LDAP, SQL, HTML), overflows, etc.
• Creative thinker with an understanding of what can really work in a distributed and complex environment.
• Strong understanding of Windows and Linux environments and networking
• Ability to collaborate effectively as part of a team, as well as work independently with minimal supervision
• Ability to interact successfully with both technical and non-technical stakeholders
• Fluency in English and Swahili required;
• Ability to handle the chaos of a fast-paced startup work culture and a willingness to take on additional tasks and support the work of other team members as necessary to achieve collective goals.
• Ability to write scripts/tools as required by the job
• Ability to work with minimal day-to-day direction and must be personally motivated to continually learn new, emerging technologies.

Compensation and Benefits:

First and foremost, we care about your success. Investment in our team members is the only driver of Arifu’s success. We offer competitive compensation packages including participation in the Arifu Rewards Program. We also offer a comprehensive health insurance package and will cover the cost of a work permit for foreign staff. Other benefits include monthly airtime allowance, extra leave, a stocked kitchen for breakfast and snacks, monthly phone credit, and plenty of ping-pong and foosball among other extra-curricular activities.

Application Process:

Send your CV to talent@arifu.com with “Penetration Tester” in the subject and tell us what excites you about this role. If we see a good fit, we’ll get back to you to set up a first conversation. Please note that due to the volumes of applications received, only shortlisted candidates will be contacted.

https://www.linkedin.com/jobs/view/2220529607/?