Security Assessment Engineer

Software vulnerability assessment of own products:

• black-box manual security validation of WEB resources
• assessment of desktop & server-side software
• enterprise IT infra penetration testing
• Android applications security review

Security validation is typically executed as 1-month iterations.

Major Requirements:

• practical experience with white or grey or black-box software penetration testing
• broad technology background: WEB, Windows, Linux, Android security architecture
• security background (University, relevant prior employment, community activities, CTF)
• hands-on exp. with assessment toolset: IDA, GDB, Burp, JEB, scripting (Python), assessment automation tools (fuzz, scan)
• strong reporting and communication skills

Optional Requirements:

• software exploitation experience, applied cryptography
• reversing experience of protected solutions (obfuscated / packed code)
• awareness of security-related standards and best practices
  (OSSTMM, OWASP, PTES, NSA Vulnerability and Penetration Testing Standards)

We offer:

• Annual bonus
• Official employment (gig contract)
• Paid 28 days of annual vacations and sick leaves
• Paid days off on Ukrainian official holidays
• Paid maternity leaves
• Opportunity to become an inventor of international patents with paid bonuses
• Medical and life insurance for employees and their children
• Convenient office location
• Paid lunches
• Regular education and self-development on internal courses and seminars, office library