5+ years of progressive experience in IT security
Development of intruder models and attack vectors
Good understanding of computer networks, clouds, security solutions and processes
Strong administrative skills in OS (Windows and Linux), Databases, Docker and Cloud environments administration including understanding of and experience in security aspects
Knowledge and experience of exploit frameworks, compiling and exploits usage
Experience of successful penetration tests in local networks, client-server systems, websites, Wi-Fi, etc.
Knowledge of malware trends and understanding of modern protection techniques
Understand common security risks for IT infrastructure and it’s components
Deep knowledge of common Vulnerabilities (eg infrastructure, WEB, network, IOT)
Understanding of common types of WEB security attacks (DNS cache poisoning, ARP spoofing, DDoS, XSS, CSRF, SQL Injection, OWASP Top 10, etc.)
Experience with MITRE-stack attacks detection, response, protection against them
Knowledge of the international standards, frameworks and best practices: OSSTMM, NIST
Strong WEB language skills (Python, Bash, JS, PHP, etc.) including security aspects and best practices
Experience with C, Java, C# and other related languages
Low-level programing skills
Fuzzing practical experience
Knowledge of log analysis tools and techniques
Experience in reverse engineering of business applications
Strong cybersecurity analysis and situational awareness skills
Experience in Security incidents detection and investigation
Experience in social engineering testing
Good command of English, proven writing and editing skills
Proactive, result-oriented personality able to work individually and in a team
Any professional security certification such as CEH, OSCP, CREST, Mile2 CVA, Mile2 CPEH or similar certificates is advantage
Experience in computer forensics is desirable
Perform assessment of overall customer security level and suggest improvements
Performing Penetration testing, Vulnerability scanning, Secure code reviews
Full scope of Penetration testing activities like: WEB applications, Desktop applications, Infrastructure, Mobile applications (iOS, Android), IoT and Embedded systems testing
Secure development life cycle assessment and improvements
Malware engineering and reverse engineering experience
SOC Team support as L3 engineer for complex (eg ATP like) security incidents
Vulnerabilities research and bugs bounty hunter
Managing internal or external resources for complex projects
Internal methodology, procedures, documentation and operations enhancement
Mentoring and knowledge sharing with team-mates
Infopulse Ukraine welcomes talented professionals to join our Security team as a Penetration Test Lead Engineer. We are looking for an experienced and responsible professional to be part of our expert team.