DataArt

Вакансія від 14 грудня 2018

Security Consultant (Online Supermarket Services)

Компанія:
DataArt  
IT; більше 1000 співробітників
Місто:
Київ
Вид зайнятості:
повна зайнятість
Вимоги:
досвід роботи від 2 років

Опис вакансії

Our client is one of the biggest online supermarkets worldwide. DataArt specialists help develop and support its services. We have helped the company to create web-portals and mobile apps, delivery control systems, staff management tools, data storage and much more.

Modern IT-systems have allowed the company to increase the amount of its customers to over half a million. Retail provides a yearly profit of around £1 billion. But our client is determined to earn even more by reselling the technological tools that have led them to their success.

Based on the new IT-infrastructure and the experience of its modifications, the company is working on developing a cross functional system that will be able to fit the interests of other companies that are interested in acquiring such systems. DataArt provides consultation and development of the software for the client in both areas of their activities: online sales and creation of the cross functional retail platform. This project will involve working on Range Management System alongside with our client’s own developers to improve resiliency and performance of crucial product catalogue services.

We are not hiring the specialist just for this project, but also for one of the companies of the global DataArt network. When the project is over, or if after some time you no longer are satisfied by the project, you can discuss transitioning to another project with the managers.

Responsibilities:

  • Conduct security threat analysis (applications and network infrastructure in general) to detect and close potential vulnerabilities;
  • Perform penetration testing using black box methodologies;
  • Inform client’s representatives about discovered vulnerabilities by creating a detailed report (including a description of possible risks and recommendations for correcting vulnerabilities);
  • Support the process of fixing vulnerabilities;
  • Participate in the development of mechanisms for monitoring the creation of secure code;
  • Continuous communication with the client to determine necessary details and tasks;
  • Active participation in all activities of the company’s security department (searching for new vulnerabilities, developing support programs, participating in conferences, etc.).

Required Skills and Experience:

  • 3+ years of experience working in IT;
  • At least a year of work experience in the field of information security (penetration tester, security analyst, etc.);
  • Excellent understanding of existing types of vulnerabilities and security threats;
  • Experience with the vulnerability scoring system CVSS 3.0;
  • Basic knowledge of any existing methodology for penetration testing (OWASP, WASC, OSSTMM, etc.);
  • Experience working with specialized tools for manual and automated penetration testing (BurpSuite, Sqlmap, Nmap, Metasploit, Nessus/OpenVAS, Wireshark, KaliLinux etc.);
  • Experience developing custom auxiliary programs with any programming language;
  • Basic knowledge of various technologies and architectures (Linux, Windows, Cisco, ActiveDirectory, Java, .NET, etc.);
  • Basic knowledge of databases and skills working with DBMS (one of the following: MSSQL, Oracle, MySQL, PostgreSQL, etc.);
  • Experience communicating personally with a client;
  • The ability to correctly and accurately prepare reports;
  • Good communication skills;
  • Stress resistant, self-organized person;
  • High level of motivation to work and develop professionally in the field of software security;
  • Good spoken English.

Additional Competences:

  • Knowledge of cryptography;
  • Experience in reverse engineering and source code analysis;
  • Basic knowledge of security standards (PCIDSS, ISO27000, OWASPTOP10, etc.);
  • Experience independently conducting a full cycle of product safety analysis (communicating with the client, clarifying details, performing security analysis, creating and submitting a final report, and consulting);
  • Knowledge of Kubernetes;
  • Knowledge of Openstack;
  • Basic knowledge of network security.

DataArt offers:

  • Professional Development:

— Experienced colleagues who are ready to share knowledge;

— The ability to switch projects, technology stacks, try yourself in different roles;

— More than 150 workplaces for advanced training;

— Study and practice of English: courses and communication with colleagues and clients from different countries;

— Support of speakers who make presentations at conferences and meetings of technology communities.

  • The ability to focus on your work: a lack of bureaucracy and micromanagement, and convenient corporate services;
  • Friendly atmosphere, concern for the comfort of specialists;
  • Flexible schedule and the ability to work remotely;
  • The ability to work in any of our development centers.

Схожі вакансії


Вакансії у категорії
Вакансії за містами

Сподобалася вакансія?

Щодня ми можемо надсилати вам схожі вакансії на ел. пошту.