Please mention DailyRemote when applying
AI Summary
The specialist will remediate vulnerabilities in a compromised health application and establish a long-term security posture. This includes conducting comprehensive vulnerability assessments, executing penetration tests, and delivering prioritized remediation roadmaps.
We are looking for an experienced Cybersecurity Specialist for our client, a social enterprise in the health sector operating across multiple African countries. Following a recent coordinated cyberattack, the immediate priority is to remediate residual vulnerabilities in a health application and establish a stronger, long-term security posture. This is a phased engagement - starting with urgent remediation, progressing through a full vulnerability assessment and penetration testing programme, and culminating in an ongoing biannual security retainer.
Key Responsibilities
- Review and implement outstanding security recommendations on a compromised health application, confirm the attack vector is fully closed, and verify no backdoors or persistence mechanisms remain
- Conduct a comprehensive vulnerability assessment across all in-scope assets including the public-facing website, health application, product application, supporting APIs, backend services, and data stores
- Identify vulnerabilities across authentication and session management, injection risks, insecure data storage and transmission, access control and privilege escalation, security misconfigurations, and outdated components
- Execute internal and external penetration tests to validate exploitability of identified weaknesses and model the real-world threat landscape
- Deliver clear, structured reports including a remediation confirmation report, vulnerability assessment report, penetration test report, and a prioritized remediation roadmap
- Propose and support the establishment of an ongoing biannual security review and advisory retainer
Required Skills and Experience
- Proven hands-on experience conducting vulnerability assessments and penetration testing (both internal and external) across web and/or mobile applications
- Strong knowledge of common vulnerability domains: injection attacks, authentication weaknesses, access control flaws, insecure data handling, and security misconfigurations
- Experience assessing APIs, backend services, and supporting infrastructure
- Ability to implement security fixes directly and provide clear remediation guidance to engineering teams
- Experience in healthcare, NGO, or social enterprise environments - particularly involving sensitive health data - is a strong advantage
- Strong written communication skills: able to produce reports that are accessible to non-technical leadership while retaining sufficient technical depth for engineering partners
Automatically Apply to the Best Remote Jobs
Stop the endless job search. Our AI finds and applies to the best jobs for you.
