PIN-UP.TECH develops software for the iGaming industry, specializes in technological solutions.
12 лютого 2024

Penetration Testing Specialist (вакансія неактивна)

Київ, Варшава (Польща)

PIN-UP.TECH is one of the directions of the international ecosystem PIN-UP Global, which operates in six countries — Ukraine, Poland, Kazakhstan, Cyprus, Peru, and Armenia. PIN-UP.TECH is the foundation of today’s international ecosystem of PIN-UP Global, the main products of PIN-UP.TECH are platforms for Ukraine and Kazakhstan. PIN-UP Global is an ecosystem of independent companies involved in the life cycle of various entertainment products. Ecosystem companies introduce innovative technologies, non-standard solutions for the development and scaling of products and services.

We are looking for a Penetration Testing Specialist to join our team.

Requirements:

• 5 years or more of prior experience in penetration testing and vulnerability assessment;
• Experience in drafting recommendations to mitigate the risks associated with uncovered vulnerabilities and weak spots;
• Proficiency in the gambling industry operations and understanding of affiliate partnerships, casino infrastructure, and provider relationships would be a significant advantage;
• Knowledge of industry best practices and standards such as PTES, NIST SP 800-115, OSSTMM, OWASP Testing Guide, PCI SSC Testing Guide;
• Fluent knowledge of OSI model, TCP/IP stack and routing;
• Fluent understanding of web technologies and APIs with the ability to demonstrate expertise in web technology stack;
• Understanding browser security mechanisms such as SOP, CSP, and HSTS;
• Ability to script basic operations for tasks such as parsing and exploiting bugs;
• Excellent communication skills, both written and verbal;
• Strong analytical skills and problem-solving abilities;
• Ability to work collaboratively in a team and independently;
• Deadline-oriented with the capability to manage multiple tasks;
• Cultural adaptability and the ability to work across diverse environments.

Will be a plus:

• A bachelor’s degree or higher in a relevant field would be a plus;
• Certification or equivalent experience in penetration testing (e.g., CEH, OSCP).

Responsibilities:

• Utilize proficient skills with tools such as Burp Suite, various extensions, diverse scanners, and nuances of their configurations to conduct penetration testing effectively;
• Demonstrate expertise in a popular web technology stack to review code when necessary;
• Identify, exploit, and address vulnerabilities outlined in OWASP Top 10, employing comprehensive knowledge of detection, exploitation, and remediation;
• Develop and conduct attacks against existing business logic rules and existing weak spots discovered;
• Analyze systems, construct threat models, strategize exploitation scenarios, and identify weak points;
• Understanding of gambling industry operations including affiliate partnerships, casino infrastructure, and the role of providers to effectively testing gaming platforms;
• Draft recommendations for vulnerability remediation tailored to project specifics.

Our benefits to you:
☘️An exciting and challenging job in a fast-growing product ecosystem, the opportunity to be part of a multicultural team of top professionals in Development, Engineering and Architecture, Management, Operations, Marketing, etc;
🤝🏻Great working atmosphere with passionate IT experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed;
📍Beautiful offices in Kyiv, Warsaw, Limassol, Almaty, Yerevan — work with comfort and enjoy the opportunity to build a network of connections with IT professionals day by day
🧑🏻‍💻Laptop & all necessary equipment for work according to the ecosystem standards
🏖Paid vacations, personal events days, days off;
🫖Paid sick leave;
👨🏻‍⚕️Medical insurance;
💵Referral program — enjoy cooperation with your colleagues and get a bonus;
📚Educational support by our L&D team: internal and external trainings and conferences, courses on Udemy;
🗣Free internal English courses;
🧘Free Yoga classes;
🦄Multiple internal activities: online platform with newsletters, quests, gamification, and presents for collecting bonuses, PIN-UP talks club for movie and book lovers, board games cozy evenings, special office days dedicated to holidays, etc;
🎳Company events, team buildings.