Information Security Specialist - 22097 Outstaffing

Posted more than 30 days ago

Specialization: DevOps

Open to offers now

Ukraine

Kyiv

More than 3 years

Intermediate

Considering options

Full-time office work

Part-time work

Remote work (full-time)

Freelance (one-time projects)

Relocate

Security Engineer with 2.5+ years of experience in Penetration Testing. IT Security Engineer with extensive knowledge and expertise in the security and technology sectors. Able to provide security for networks, web sites and computer systems by creating and maintaining a secure environment. Taking an active role in the architecture, design, implementation and support of security-focused resources to ensure safe operations

Programming Languages/ Technologies

§ Python

§ Bash

§ Php

§ JavaScript

§ Java

§ HTML

§ Ruby

§ C\C++

§ Bootstrap4

§ SIEM

§ Technical Documentation/Penetration Testing Reports/Proposals

§ Reverse Engineering

RDBMS

§ My SQL

§ PostgreSQL

§ SQLite

DBMS

§ Phpmyadmin

§ Mongodb

Development Tools

§ Ansible (basic)

§ AWS/Kubernetes

§ Docker

§ Jenkins

§ GitLab

§ Git

Virtualization environments

§ VMWare

§ VirtualBox

Operating Systems

§ Microsoft Windows 95/ 98/ 2000/ XP/ 2003 Server/ Vista / 7/8/10

§ Kali Linux

§ Ubuntu

Application/Web Servers

§ Nginx

§ Php-fpm

§ Tomcat

§ IIS

§ Apache

§ Redis

§ Active Directory

§ DNS

§ DHCP

§ SNMP

§ SMB

Methodologies

§ OWASP

§ NIST

§ ISACA

Testing Tools

§ Nmap

§ Nikto

§ Burp Suite

§ OWASP ZAP

§ Nessus

§ Wireshark

§ Maltego

§ Sqlmap

§ Gobuster

§ Metasploit

§ Cloudflare

§ Slither

§ Hydra

§ WPScan

Hardware

§ Network technologies

§ Different technological device

Experience

Pentest of mobile application

WordPress News Portal

March 2022 - July 2022

Evaluating the security posture of the client’s website and network. Improve a company's corporate vulnerability assessments. Finding weak spots in an organization's security plan. Prevent those weaknesses from being exploited by attackers.

§ Analyze the system and prepare scope of work

§ Gathering information about the site, mapping, OSINT

§ Vulnerabilities search with automated scanners.

§ Fuzzing

§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability and recommendations on how to ﬁx them.

Nmap, Sniper, Nikto, Burp Suite, Nessus, Maltego, Hydra, the Metasploit Framework, Searchsploit, Dirb, Gobuster, Wireshark, Sqlmap

Security audit of the website

Australian company

November 2021 - January 2021

Part-time employment as Security Engineer for ensuring the security of various web sites. Advising and assistance in implementing security measures

§ Information gathering

§ Threat modeling

§ Identity and access management

§ Test data protection, verification of SSL certificates, disabling insecure cipher suites, testing cookies.

§ Testing SQL, command injections, cross-site scripting

§ Web app code review

§ Communication with client's security engineer

§ Generating a report with executive summary, risk level of each vulnerability and recommendations on how to ﬁx them.

Full Stack developer

Freelance

September 2019 - August 2021

Design and implementation with multiple layers of security controls
Developing back-end and front-end
Creating a secure access between API Gateway and backend services
Communication with customer, participation in meetings

Linux, Apache2, PHP, JavaScript, web (HTML + CSS + Bootstrap4).

Similar candidates