Necessary skills
- A passion for security, and the hacker mentality of doing whatever it takes to figure out and solve a problem
- Basic knowledge of attack vectors and exploits (API, OS, database, network, and code)
- Basic understanding of the OWASP Top Ten and CIS Benchmarks security risks and how to mitigate them
- Ability to manually find and exploit vulnerabilities in web-applications and services
- Experience with HTML, XML, JavaScript, CSS, SQL, and JSON
- Familiar with agile development, S-SDLC, bug tracking, git and CI/CD
- English: Intermediate+
What we offer
- Interesting projects
- Competitive and timely salary
- Positive working atmosphere
- Amazing team
- Flexible working schedule
- Promotion opportunities
Responsibilities
- Security assessment of the client’s software products
- Identifying security flows within running web-applications and services as part of infrastructure penetration testing and application security reviews
- Working with the infrastructure and development teams to help identify and mitigate vulnerabilities and security risks
- Working directly with product teams to enforce security best practices and integrate automated security (SOC)
- Knowledge sharing and security training for internal QA and Development teams
- Report to Team Lead about current tasks status, technical or other risks
