Маєш запитання стосовно вакансій, проєктів, умов роботи? Напиши нашому рекрутеру!
Надіслати резюме

Responsibilities:

  • Vulnerabilities discovery in Manual and Automated ways as part of Penetration testing and Application Security reviews;
  • Evaluation of security risks and recommendation of threat mitigations;
  • Documentation of findings; Record PoC videos; Reports presentation;
  • Security training for internal QA and Development teams.

Requirements:

  • Ability to manually find and exploit vulnerabilities in web, mobile, and on-premise applications;
  • Experience with various penetration testing tools (Kali Linux, Burp Suit, Frida, Drozer, Metasploit, nmap, sqlmap);
  • Experience at BlackBox and/or WhiteBox application assessment;
  • Deep knowledge of one or more operating systems (Linux, Windows, Mac, IOS, Android, ect);
  • Knowledge of different attack techniques (OWASP top 10; WASC; SQL injection; XSS; CSRF; SSRF; XXE; http response splitting; cache poisoning; code injection; MITM http/https, etc...);
  • Experience with HTML, XML, JavaScript, CSS, SQL, and JSON;
  • Experience to assess security with databases: SQL, nosql, LDAP;
  • Knowledge and understanding of Application Security, System and Network Security, Authentication and Security protocols.

Would be a plus:

  • Ability to run manual test of binaries for vulnerabilities;
  • Experience in Jeb, IDA Pro, Process hacker;
  • Experience in Social engineering attacks;
  • OSCP.
Надіслати резюме