Сучасна диджитал-освіта для дітей — безоплатне заняття в GoITeens ×
SoftServe is a global digital solutions company with Ukrainian roots. We are a team of thinkers, doers, dedicated good people who like what they do and do it well. For us, that means a lot.
16 березня 2018

Senior Security Engineer (вакансія неактивна)

Львів

Необхідні навички

• Good understanding of network protocols, design and operations
• Good understanding of different OS (Windows/Linux/Android/iOS/MacOS etc.) features
• Good understanding of web application security issues (OWASP Top 10 for ex.)
• Familiarity with different web technology stacks and frameworks from the security perspective (Java/JBoss/Apache Sling/.NET/RoR/IBM Web Sphere etc.)
• Familiarity with any of the scripting languages (Python, Ruby or other)
• Previous experience in penetration testing and security assessments
• At least 2 years of experience in the industry

Required Tools and Technologies:
• Security testing key security threats from OWASP Top 10/SANS 25: SQLi, XSS, CSRF, Fuzzing, etc.
• Kali, FreeBSD, CentOS, Windows
• OS virtualization: VMWare, VMware Workstation, Virtual Box
• Sniffing, Spoofing, Network troubleshooting (tcpdump, WireShark)
• Android or IOS application security (OWASP Moblie Top 10, JADX, dex2jar, peda)
• Burp Suite, OWASP ZAP proxy
• Metasploit, Armitage
• Nessus, OpenVAS
• Acunetix, Nikto
• Testssl, ssltest, sslyze
• Nmap, netcat
• Security SDLC
• Static and Dynamic Security Testing methodology

Буде плюсом

• CISSP, CISA, CEH, OSCP or other information security certifications
• Previous experience in securing products according PCI, HIPPA, GDPR, or other compliances
• Experience with various commercial security tools and products (Fortify, AppScan, Checkmarx, etc.)
• Good understanding of the components of a secure SDLC
• Vulnerability analysis and application reversing skills
• Understanding of cryptography principles

Обов’язки

• Perform application and infrastructure penetration tests, as well as social engineering tests for our global clients
• Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
• Participate in Security Assessments of networks, systems and applications
• Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets

Гарячі вакансії

Всі вакансії