lifecell

Job from June 24, 2022

Application Security Engineer

lifecell 
Telecommunications and networking; more than 1000 employees

Kyiv, вулиця Солом'янська, 11.
4.2 km from center Find on the map

Full-time. Work experience more than 2 years. Higher education.

Вакансию сейчас просматривает 1 соискатель.

Откликнитесь на вакансию, чтобы быть среди первых!

Job description

About position: Conducting penetration tests, conducting web sites audit and PCI DSS segment audit, web and mobile based incident handling, creating internal documents for information security.

Responsibilities:

1. Conducting audit of web and mobile application according to OWASP security requirements and information security standards.

2. Conducting penetration tests according to PCI DSS standard.

3. Analysis of architectural solution on compliance with information security standards when implementing company systems.

4. Making presentations on information security domains for internal users.

5. Participation in the investigation of incidents of information security.

6. Processing internal user requests for application penetration testing.

7. Participation in the projects of web and mobile development for the assessment of the level of information security.

8. Carrying out of separate assignments of his direct supervisor on other matters of activity on a post.

Requirements:

Education: Telecommunication

Experience: 3−5 years

Language skills: English verbal/writing — upper intermediate; technical reading/writing — fluent.

PC Skills: Advanced PC user: MS Excel, Power point, Outlook, Project (preferred), Word, Jira.

Special Requirements:

  • Perform authorised and blackbox security tests on computer systems in order to expose weaknesses in their security that could be exploited by criminals (CTF experience is welcome)
  • OWASP TOP 10 and PCI DSS compliance testing for Windows, Linux and Mac operating systems, web-based interfaces checks, mobile application testing
  • Tools: vulnerability scanners (Nessus), Kali Linux tools, Netsparker, Burpsuite, Sonarqube
  • Embedded computer systems
  • Web/mobile applications, databases security tests
  • *nix, windows security hardening and hack technics understanding, SCADA (supervisory control and data acquisition) control systems, wireless and mobile (3−5G) technologies security knowledge, Internet of Things (IoTs) security
  • Programming languages: any system level (Python, perl, bash or other) and object-oriented programming skills
  • Ability to read code and write automated security checks for API (json, restful, SOAP)
  • Network and organizational security basics understanding
  • Experience of software development and server administration
  • Understanding of basic attack vectors on software applications
  • Experience with discovering of information threads and viruses detection
  • A certificate will be a plus: Offensive Security Certified Professional (OSCP); Certified Ethical Hacker (CEH) Certification
  • Knowledge and ability to support Company Safety Infrastructure (SIEM, DLP, TRAPS, etc.)

Similar jobs