Pentester (Web, API, Mobile) in Diya

Action is a technological product that the whole world admires. Digital documents, online marriage, selling a car, paying taxes and hundreds of necessary government services are just a few clicks away. 21 million users, 80% satisfied with the services is a new reality, and you can become part of the global digital revolution.

Diia Company is the first official IT company of the Ministry of Digital. Our goal is to digitize all government services, eliminate the corruption factor, and make services understandable and accessible to every Ukrainian. We are driven by the thought that this work today will fundamentally change the state tomorrow. We are looking for people who share this feeling. Join the team and change this country.

Responsibilities:

- conduct pentests of web applications, APIs and mobile applications
- analysis and documentation of vulnerabilities
- preparation of reports with recommendations
- testing automation
- monitoring cyber threats
- modeling of threats, creation of test scenarios
- use of static and dynamic analysis tools
- security testing of cloud environments

Requirements: p>

- knowledge of OWASP (Web, API, Mobile)
- mastery of tools: Burp Suite, Postman, Frida, MobSF, Nmap, Metasploit, Nessus, Nikto, Acunetix, Ghidra, Wireshark, Python/Bash for automation, SQL, PowerShell
- understanding of client-server architecture
- experience testing RESTful and GraphQL APIs
- ability to work with Docker and Kubernetes
- understanding of network protocols (TCP/IP, HTTP, HTTPS)
- experience in fuzz testing and reverse engineering
- higher education
- willingness to work in the office (Kyiv)

Will be a plus:

We offer:

- work with a product that is used by the whole country and admired by the whole world
- competitive salary< br/>- professional development and training
- convenient office in the city center
- provision of all comforts working conditions: necessary equipment for work, office with a generator, reservation