Software vulnerability assessment of own products:
- black-box manual security validation of WEB resources
- assessment of desktop & server-side software
- enterprise IT infra penetration testing
- Android applications security review
Security validation is typically executed as 1-month iterations.
Major Requirements:
- practical experience with white or grey or black-box software penetration testing
- broad technology background: WEB, Windows, Linux, Android security architecture
- security background (University, relevant prior employment, community activities, CTF)
- hands-on exp. with assessment toolset: IDA, GDB, Burp, JEB, scripting (Python), assessment automation tools (fuzz, scan)
- strong reporting and communication skills
Optional Requirements:
- software exploitation experience, applied cryptography
- reversing experience of protected solutions (obfuscated / packed code)
- awareness of security-related standards and best practices
(OSSTMM, OWASP, PTES, NSA Vulnerability and Penetration Testing Standards)
We offer:
- Annual bonus
- Official employment (gig contract)
- Paid 28 days of annual vacations and sick leaves
- Paid days off on Ukrainian official holidays
- Paid maternity leaves
- Opportunity to become an inventor of international patents with paid bonuses
- Medical and life insurance for employees and their children
- Convenient office location
- Paid lunches
- Regular education and self-development on internal courses and seminars, office library