Software Penetration Tester

Job Description

Vulnerability assessment and penetration testing of various Linux OS security components and mechanisms:

• vulnerability assessment of Samsung mobile security software: security source code review (white box) and binary analysis (black box)
• secure SDLC process support (including requirements, design security review)
• emerging threats research: new attack methods, (un)known security issues risks

Major Requirements

• 2+ years of hands-on experience with white and black box software penetration testing and vulnerability assessment
• understanding of typical software security issues (memory corruptions, various injections, arithmetic overflows, etc.) and how to protect against them
• good experience with C/C++, scripting languages, assembly (Arm preferred)
• ability to document and describe discovered security issues

Optional Requirements

• exploitation experience
• understanding of Linux security architecture and design flaws exploitation (privilege escalation, MAC/DAC Passover oth.).
• Rust language knowledge
• tools: experience with fuzzers, disassemblers, debuggers, assessment automation tools
• cryptography: exploitation experience (weak keys, bruteforce, weak crypto, etc.)
• experience with assessing protected solutions (obfuscated / packed code)

Working Conditions

• official employment, as per Ukrainian labor law (regular employee) or GIG contract
• remote work is possible as well as work in Kyiv office

Benefits

• competitive salary, annual salary review, annual bonuses
• paid 28 work days of annual vacations and sick leaves
• opportunity to become an inventor of international patents with paid bonuses
• medical & life insurance for employees and their children
• paid lunches
• discounts to Samsung products, gym, restaurants, services
• English language courses
• regular education and self-development on internal courses and seminars

About the company

Samsung is amazing place to work with great people in an outstanding environment.

With us you will have an opportunity to be a part of innovation that makes a real difference in lives of millions of people worldwide.

Samsung R&D Institute Ukraine (SR-Ukraine) is a part of Samsung Electronics global R&D network

Specialized in computer vision, context-aware intelligent services, graphics, augmented and virtual reality as well as information protection.