Peneration Tester and Security Engineer - 22099 Outstaffing

Posted more than 30 days ago
Specialization: DevOps
Open to offers now
Ukraine
Kyiv
More than 3 years
Intermediate
Considering options
Full-time office work
Part-time work
Remote work (full-time)
Freelance (one-time projects)
Relocate
Peneration Tester and Security Engineer with 2+ years of experience. Advanced knowledge of Penetration testing techniques and methodologies. Have hands-on experience in application security, vulnerability assessments, and OWASP along with different security testing tools. Performed application and web penetration tests

Programming Languages/ Technologies

§ Python

§ Solidity

§ C\C++

 

RDBMS

§ My SQL

§ SQLite

 

Development Tools

Virtualization environments

§ VMWare

§ VirtualBox

§ Genymothion

§ AdroidStudio

 

Operating Systems

§ Microsoft Windows 95/ 98/ 2000/ XP/ 2003 Server/ Vista / 7/8/10

§ Kali Linux

§ Ubuntu

 

Application/Web Servers

Methodologies

§ OWASP

§ NIST

§ ISACA

Testing Tools

§ Nmap

§ Nikto

§ Burp Suite

§ OWASP ZAP

§ Nessus

§ Wireshark

§ Maltego

§ Sqlmap

§ Gobuster

§ Metasploit

§ Cloudflare

§ Slither

§ Apktool

 

Hardware

§ Network technologies

§ Different technological device

 

Other

§ Technical Documentation/ Penetration Testing Reports

§ Reverse Engineering

 

Experience
Mobile penetration tester
App Development company
December 2021 - April 2022

Mobile application for IOS and Android fitness app. Red-team pentester, worked with clients security team. Conducting the penetration testing of all new releases of apps.


§ Analyze the system and prepare scope of work

§ Determine the possibility of specific attack vectors.

§ Reverse Engineering of Android app

§ Testing security of the apps

§ Dynamic and Static testing

§ Test api and requests to the server

§ Identify a combination of high and low risk vulnerabilities

§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability and recommendations on how to fix them.


Nmap, Wireshark, Metasploit, Nessus, Burp Suite

 


Penetration Tester
Cryptocurrency company
2020 - 2020

Auditing the smart contract of token and bridge based on etherium. ERC20 standard.


§ Analyze the system and prepare scope of work

§ Check loops for miner attacks on timestamps and orders, and transaction order dependency

§ Determine inconsistency between specification and implementation

§ Identify defective design, logic, and access control

§ Provide recommendations to improve contract security and readability.

§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability


Slither, Manticore, Surya, SonarQube

 


Pentester, security advisor
NDA
2022 - 2022

§ Smart Contract Audit

§ Check loops for miner attacks on timestamps and orders, and transaction order dependency

§ Determine inconsistency between specification and implementation

§ Identify defective design, logic, and access control

§ Provide recommendations to improve contract security and readability


Apktool, Graudit, Genymothion, Burpsuite



Pentester, security advisor
NDA
October 2022 - January 2023

Dating platform. Penetration testing to estimate WAF security and uncover vulnerabilities.


§ Check loops for miner attacks on timestamps and orders, and transaction order dependency

§ Determine inconsistency between specification and implementation

§ Identify defective design, logic, and access control

§ Provide recommendations to improve contract security and readability

 

Apktool, Graudit, Genymothion, Burpsuite


Similar candidates
Open to offers now
Ukraine
Kyiv
More than 3 years
Intermediate
Considering options
Full-time office work
Part-time work
Remote work (full-time)
Freelance (one-time projects)
Relocate
We use cookies
accept