Information Security Specialist - 22121 Outstaffing

Posted more than 30 days ago

Specialization: DevOps

Open to offers now

Ukraine

Kyiv, Kharkiv, Lviv, Odesa, Dnipro

More than 3 years

Upper Intermediate

Considering options

Full-time office work

Part-time work

Remote work (full-time)

Freelance (one-time projects)

Relocate

Peneration Tester with 2+ years of experience. Security Engineer with the knowledge of Security DevOps. SecDevOps professional skills. AWS skills. Fluent use of vulnerability scanners, Linux and Windows scanners, network traffic monitoring tools, Protecting web-servers, and mobile applications. Experienced in using Kali Linux to do web application assessment with tools likeNikto, and NMap.

Programming Languages/ Technologies

§ Python

§ Bash

§ Php

§ HTML

§ C\C++

§ Technical Documentation/Penetration Testing Reports/Proposals

RDBMS

§ My SQL

§ PostgreSQL

Development Tools

§ AWS/Kubernetes

§ Git

Virtualization environments

§ VMWare

§ VirtualBox

Operating Systems

§ Microsoft Windows 95/ 98/ 2000/ XP/ 2003 Server/ Vista / 7/8/10

§ Kali Linux

§ Ubuntu

§ CentOS

Application/Web Servers

§ Nginx

§ Tomcat

§ Apache

Methodologies

§ OWASP

Testing Tools

§ Nmap

§ Nikto

§ Burp Suite

§ OWASP ZAP

§ Nessus

§ Wireshark

§ Maltego

§ Sqlmap

§ Gobuster

§ Metasploit

§ Cloudflare

§ Slither

Experience

Web penetration tester

Estonian online shop

June 2022 - 2022

Simulation of cyberattack on clients website. Vulnerability scanning and prevention from future attacts.

§ Analyze the system and prepare scope of work

§ Testing the security of the website

§ Dynamic and Static vulnerability scanning

§ Exploitation of found vulnerabilities, fuzzing.

§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability and recommendations on how to ﬁx them.

Industry-standard penetration testing tools and frameworks, including Nmap, Sniper, Nessus, Maltego, Hydra, the Metasploit Framework, Searchsploit, Gobuster, Wireshark, Burp Suite, Tcpdump and Sqlmap

Security Engineer

Polish company

January 2022

Testing the security posture of the organization with a simulated attack on the website.

§ Analyze the system and prepare the scope of work

§ Identification of site`s loopholes

§ Information gathering, searching for fingerprints in the backend of the website

§ Manual security scanning

§ Communication with the client's security engineer

§ Creating a final report with the summary, risk level of each, vulnerability and recommendations on how to ﬁx them included

The Harvester, Nikto, Nmap, Burp Suite, Sniper, Nessus, Maltego, Hydra, Metasploit, Searchsploit, Gobuster, Wireshark, , Tcpdump and Sqlmap

Penetration tester

NDA

September 2021 - 2021

Perform penetration tests on the systems
Search for weaknesses in web applications
Determine the current vulnerabilities that would be easily exploitable
Review and provide feedback for information security fixes
Creating the complete in-depth report that summarises the carried out activities, the probable threats identified, the risk score,

Nmap, Sniper, Nessus, Maltego, Hydra, the Metasploit Framework, Searchsploit, Dirb, Gobuster, Wireshark, Burp Suite, Tcpdump and Sqlmap. AWS infrastructure deployment.

Similar candidates