Web/Mobile Pentester (вакансія неактивна)

Job Summary

The application security team is responsible for finding bugs in our public-facing applications and designing and building mitigations for broad classes of bugs. We use and work on state of the art tools, maintain the infrastructure that supports our efforts, and empower Product Engineering (who focus on anything from core APIs, to powerful ML algorithms, to mobile apps and consumer-facing products) to move quickly without compromising on security. Because of the nature of the products we work on, the security team is an extremely dynamic environment to join.

Responsibilities and Duties

— Perform penetration tests of web and mobile applications
— Apply testing methodologies and tools to complex applications for finding weaknesses
— Proactive management of all found and confirmed security vulnerabilities and threats
— Correctly balance security risk and product advancement
— Threat model of existing applications

Qualifications and Skills

— 3+ years of experience as a Security Application Analyst, Pentester, or Security researcher
— Penetration testing and code review of web and mobile applications
— Understanding security fundamentals and common vulnerabilities (e.g. OWASP10)
— Base knowledge of cryptography
— Experience in security engineering, system and network security, authentication and security protocols, applied cryptography, and application security
— Scripting/programming skills (e.g., Golang, C/C++, Python, Ruby, Java, JS, etc.)
— Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
— Good written and spoken English

Would be a plus

— OSCP, OSCE, OSWE, or other security offensive certificates
— Experience with dynamic instrumentation software for security assessments
— Participation in the bug bounty hunting community

We offer multiple benefits, that include

— Opportunity to influence the products’ quality supporting company mission to make neighborhoods safer
— Challenging tasks and professional growth
— Competitive salary and perks
— PE accounting and support
— 18 paid vacation days per year, paid public holidays according to the Ukrainian legislation
— Social package, including gym membership compensation, medical insurance
— Free office meals, fruits, and cookies
— Educational possibilities, knowledge hubs, and free corporate English classes
— Career plan, professional growth, and semiannual performance review.