Ciklum is a global digital solutions company headquartered in London, UK.
6 February 2019

Senior Security QA Engineer for Testing Center of Excellence and Metro (190000FU) (vacancy inactive)

On behalf of Testing Center of Excellence and Metro Group, Ciklum is looking for a Senior Security QA Engineer (Application Security Analyst) to join the Kyiv team on a full-time basis.

Project Description
Metro Group is one of the top-5 largest retailers in the world. We are honored to be a partner in building a brand-new eCommerce Marketplace platform and making our client the #1 digital eCommerce provider in Europe.
Our client has incredible expertise in physical sales, as well as a successful eCommerce business in Germany. The new commercial platform is part of the strategic roadmap to beat global marketplace providers like Amazon/eBay in selected market segments and to leverage strong world-wide branding, 20+ million existing offline clients, a dedicated field sales force in Europe and a well-established logistics, delivery and client-support network.
The platform is expected to host 10+ high-load cloud-based product applications, managed end-to-end by dedicated teams (including a Product Owner on the client side in Germany and full cross-functional teams on the Ciklum side in Kiev). The Ciklum team counts 100+ employees for this project, which is planned for 18 months at least. The first public-beta release is planned for Sep 1, 2019. Our delivery started in September 2018 and the current team size is 50 employees.
Automation, performance and security QAs will work along with Manual QA engineers to ensure the highest quality standards. Our project offers an amazing opportunity to apply your experience, build the engineering process from scratch using the latest technologies and gain new knowledge.

About Testing Center of Excellence:
Testing Center of Excellence is the software quality assurance unit in Ciklum, which has evolved very rapidly over the past 4 years into a mature SQA services provider, concurrently serving up to 60 projects, consisting of 150+ SQA professionals and delivering 5 main service lines.

Our main principles are:
- People come before processes and hierarchy.
- Flat and open collaboration/communication increases creativity and brings more value to business.
- Investing in people and innovations ensures your future.
- Reuse and share your experience: develop best practices, publicize and follow them.

Testing Center of Excellence is an optimal environment for your professional involvement and growth.

Testing Center of Excellence is a unique provider of QA Services and QA Consulting in the following areas:
- Manual Web / Mobile QA Services
- eCommerce QA Services
- Automation QA Services
- Performance QA Services
- Security QA Services
- QA Consulting

Responsibilities:
- Security projects estimation, participation in analysis of security team efforts
- Guide middle and junior engineers through projects
- Vulnerabilities discovery in Manual and Automated ways as part of Penetration testing and Application Security reviews
- Evaluation of security risks and recommendation of threat mitigations
- Documentation of findings into formal security assessment report
- Present report to customers
- Security trainings for security team and internal manual / automation QA and Development teams
- Communication with client’s technical personnel

Requirements:
- BS in Computer Science or related field
- At least 4 years of relevant work experience including but not limited to: Web and Mobile Application Security, Penetration testing, Vulnerability assessment, and Code-level Security Auditing
- Ability to manually find and exploit at least OWASP Top10 Web vulnerabilities
- Ability to manually find and exploit at least OWASP Top10 Mobile vulnerabilities
- Familiarity with OWASP Testing guide
- Experience with various penetration testing tools (e.g. BurpSuite, Metasploit, OWASP ZAP) on Linux and Windows
- Ability to operate vulnerability assessment tools such as Tenable Nessus or Rapid7 Nexpose
- Experience with HTML, XML, JavaScript, CSS, SQL, and JSON
- Experience with one or more scripting languages: Python, Ruby, PHP, Bash, and Perl.
- Ability to read source code and find issues using tools or manually in .NET or Java
- Knowledge and understanding of Application Security, System and Network Security, Authentication and Security protocols
- Upper intermediate English level

Desirable:
- Relevant work experience in one of the following: Development, QA Automation (Web, Mobile, etc.), and Security consulting
- Professional certifications. For example, issued by: Offensive Security, eLearn Security, SANS, CREST, Mile2, SecurityTube, ISACA, (ISC)2 and EC-Council.
- Experience with Bug Bounty programs (e.g. BugCrowd, HackerOne)
- Security related publications, blog posts, and/or participation in tools development

Personal skills:
- Ability to handle input provided in an unformalized way
- Ability to switch fast from one task to another
- Ability to think and search for solution without supervision

What’s in it for you?
- Possibility to propose solutions on a project.
- Participation in project estimation.
- Dynamic and challenging tasks.
- Ability to influence project technologies.
- Team of professionals: learn from colleagues and gain recognition of your skills.
- Fast professional.

About Ciklum
Ciklum is a top-five global Software Engineering and Solutions Company. Our 3,000+ IT professionals are located in the offices and delivery centres in Ukraine, Belarus, Poland and Spain.
As a Ciklum employee, you’ll have the unique possibility to communicate directly with the client when working in Extended Teams.
Besides, Ciklum is the place to make your tech ideas tangible. The Vital Signs Monitor for the Children’s Cardiac Center as well as Smart Defibrillator, the winner of the IoT World Hackathon in the USA, are among the cool things Ciklumers have developed.
Ciklum is a technology partner for Google, Intel, Micron, and hundreds of world-known companies. We are looking forward to seeing you as a part of our team!
