Next job

Application Security Engineer/Pentester in Vchasno

26 March

15 views

Vchasno

Vchasno

0
0 reviews
Without experience
Kyiv
Full-time work
to -groups of Ukrainian grocery IT companies that create digital solutions for business and state. FONT-STYLE: NORMAL; Normal; Normal; Text-Decoration: None ">: Hand and Automated Security Testing (Sast, Dast). FONT-STYLE: Normal; Text-Decoration: None "> CODE Analysis, Search for Vulnerators and Recommendations for their Elimination. FONT-STYLE: Normal; Text-Decoration: None "> Settings of Automation and Closed Cycle of WEB Vulnerable Vulnerators. FONT-STYLE: Normal

to -groups of Ukrainian grocery IT companies that create digital solutions for business and state. FONT-STYLE: NORMAL; Normal; Normal; Text-Decoration: None ">:

  • Hand and Automated Security Testing (Sast, Dast). FONT-STYLE: Normal; Text-Decoration: None ">

    CODE Analysis, Search for Vulnerators and Recommendations for their Elimination. FONT-STYLE: Normal; Text-Decoration: None ">

    Settings of Automation and Closed Cycle of WEB Vulnerable Vulnerators. FONT-STYLE: Normal; Text-Decoration: None "> Conducting internal pentification :

    • Detection of Vulnerators in Internal Systems, API, Cloud Platforms, etc. FONT-STYLE: Normal; Text-Decoration: None ">

      Development of Risk Detail Reports, Task Recommendations and Problems. FONT-STYLE: Normal; Text-Decoration: None "> Participation in SDLC :

      • Integration of safety practices into the development process. FONT-STYLE: Normal; Text-Decoration: None ">

        Participation in the process of creating safe architecture of new functionality and existing solutions. FONT-STYLE: Normal; Text-Decoration: None ">

        Conducting Training for Safe Coding Developers. FONT-STYLE: Normal; Text-Decoration: None ">

        Participation in Developer Code. FONT-STYLE: Normal; Text-Decoration: None "> The necessary experience and skills :

        • Clear Understanding OWASP TOP 10, CWE

        • Experience of Testing and Operation of Typical Attacks SQLI, XSS, CSRF, SSRF, RCE

        • Understanding the specifications of rest, graphqql.

        • Authentication Testing (Oauth, Saml, JWT) and Authorization. FONT-STYLE: Normal; Text-Decoration: None ">

          Ability to Work with Sast tools (Bandit, Semgrep ETC)/Dast (OWASP ZAP, BURP ETC)

        • Ability to Work with Snyk, OWASP DEPENDENCY-CHECK)

        • Ability to Work with Nessus Vulnery Scanning tools, nessus, nikto.

        • Understanding and Working with AWS

        • Ability to analyze/work with code Python, node.js, js

        will be the advantage of:

        • Ability to Work with Siem, WAF

        • Availability of OSCP

        We offer:

        • Official Employment in the State Company;

        • 24 calendar days of vacation per year (paid according to the Labor Code of Ukraine), an unlimited amount of hospital;

        • Work format: remotely or hybrid;

        • Corporate Psychologist Services;

        • Health Insurance after the Adaptation period.

Without experience
Kyiv
Full-time work
Want to get related jobs?
New job openings in your Telegram
Subscribe
We use cookies
accept