● Overall understanding of SDLC concept and complex Service/Application architecture, experience in its
analysis for security vulnerabilities. Ability to define risks connected with vulnerabilities;
● Knowledge in wide range of Web threats (XSS, SQLi, CSRF, ®LFI, Code injections, Session
hijacking, Path traversal, Parameter tampering, etc.) and strong experience in assessment of application
● How-to knowledge in detecting security flaws for: Web and Application Servers (IIS, Apache, nginx,
haproxy or similar), RDBMS (PostgreSQL, MSSQL, etc.), mobile applications, etc.
● Deep knowledge in Web technologies: protocols (HTTP/HTTPS, etc.), frameworks (NodeJS) and API
structures (XML, REST, JSON, etc.);
● Understanding of network technologies: TCP/IP stack, DNS, DHCP, SSL/TLS, etc. and net security
controls: ACL, IPS/IDS, packet inspection
● Ability to read and inspect source codes for security flaws in C# (and .NET framework overall).
● Practical usage of penetration testing standards: PTES, OSSTMM, OWASP, etc. and secure coding
practices: ENISA, etc.
● Strong penetration testing toolkit usage: KALI or similar
● Offensive-minded (think like a hacker) person;
● Good communication skills, ability to explain actual risk behind security flaw;
● Good analytical and reporting skills;
● Ability to dive into details and study new knowledge.
● Pentest certification is a plus: CEH, OSCP, etc.;
● Ability to analyze infrastructure security layers (OS, DB, Network);
● Malware analysis or reverse engineering experience;
● Knowledge in Delphi development (Object Pascal);
● Experience in secure coding practices implementation.
● Fully paid sick leaves and 20 working days paid vacation;
● Great opportunity to take part in unique Ukrainian Sportsbook product development;
● Team of passionate professionals with experience exchange;
● Paid trainings, conferences, professional library and career and proficiency development plans;
● Team building events;
● Paid sport trainings/medical insurance;
● Sandwiches, juices, cookies, fruits and many-many more...
● Execute penetration tests of websites and web-based applications. Perform risk-based assessment,
prioritize vulnerabilities and support DEV teams in its remediation.
● Execute security analysis for new applications and products. Ensure security within design of the
● Regularly examine internal applications for security vulnerabilities and threats; conduct in
● Conduct to overall Information Security Awareness Program. Consult employees on the matter of
Information and IT Security including secure coding practices.
● Design secure coding standards for DEV teams and control its execution.
BETLAB is Ukrainian Product company in Sports betting sphere and we are looking for Application Security
Specialist tо keep up-to-date innovative and best technical stack in our product development.
We are making platform which covers all processes of Sports betting business. We started in 2014, and now we are 200+ team members all together working on achieving our shared goal and we keep growing!