- Тамара Змиевская
- Защитников Украины (5 минут пешком)
- Опыт работы2-5 лет
- Тип работыпостоянная
- Вид занятостиполный день
Описание вакансииDataArt has been engaged in software development and IT consulting since 1997. Companies that create interesting products and services have complex business processes, they want to beat the competition with the help of technology, and usually they turn to us. We, in turn, help them come up with technologies, build, implement, maintain, and upgrade them.
It is also should be noted that we hire people not for a project but for a team. Projects change, but the DataArt network of companies with its infrastructure, support, and tools of professional development stays.
DataArt has a flat structure, which means we don’t have superiors and subordinates. The engineers directly communicate with the customers’ representatives and are free to choose the tools for the job (as long as not constrained by other factors). We have free internal language and technological courses, hold international conferences, participate in other party conferences, provide employees with insurance, and take care of them in all kinds of ways.
DataArt’s network consists of 20 sales and development centers (US, UK, Argentina, Germany, Bulgaria, Poland, Russia, Ukraine, and Latvia). Our specialists can work in any of the centers after discussing it with the project team (and if they desire to, of course).
• Carrying out security threat analyses (of applications and network infrastructure in general) to detect and close potential vulnerabilities;
• Penetration testing using white/black-box methodologies (including source code analysis of applications);
• Informing clients about the vulnerabilities found by creating a detailed report (including a description of possible risks and recommendations for correcting vulnerabilities);
• Supporting the process of fixing vulnerabilities, participating in the development of mechanisms for monitoring the creation of secure code;
• Continuous communication with the client in order to find out the necessary details and tasks;
• Active participation in all areas of the company's security department (research of new vulnerabilities, development of support programs, participation in conferences, etc.).
Required Skills and Experience:
• 5+ years of experience working in IT;
• At least 2 years of work experience in the field of information security (penetration tester, security analyst, etc.);
• Excellent understanding of existing types of vulnerabilities and security threats;
• Basic knowledge of existing methodologies for penetration testing (OWASP, WASC, OSSTMM, etc.);
• Experience working with specialized tools for manual and automated penetration testing (BurpSuite, Sqlmap, Nmap, Metasploit, Nessus/OpenVAS, Wireshark, KaliLinux etc.);
• Experience developing custom auxiliary programs with any programming language;
• Basic knowledge of various technologies and architectures (Linux, Windows, Cisco, ActiveDirectory, Java, .NET, etc.);
• Basic knowledge of databases and skills working with DBMS (one of the following: MSSQL, Oracle, MySQL, PostgreSQL, etc.);
• Experience of direct communications with clients;
• Stress resistant, self-organized person;
• Experience independently conducting a full cycle of product safety analysis (communicating with the client, clarifying details, performing security analysis, creating and submitting a final report, and consulting);
• High level of motivation to work and develop professionally in the field of software security;
• Good spoken English.
• Knowledge of cryptography;
• Experience in reverse engineering and source code analysis;
• Basic knowledge of security standards (PCIDSS, ISO27000, OWASP TOP 10, etc.);
• Experience writing specialized articles and participating in conferences.
• Professional Development:
— Experienced colleagues who are ready to share knowledge;
— The ability to switch projects, technology stacks, try yourself in different roles;
— More than 150 workplaces for advanced training;
— Study and practice of English: courses and communication with colleagues and clients from different countries;
— Support of speakers who make presentations at conferences and meetings of technology communities.
• The ability to focus on your work: a lack of bureaucracy and micromanagement, and convenient corporate services;
• Friendly atmosphere, concern for the comfort of specialists;
• Flexible schedule and the ability to work remotely;
• The ability to work in any of our development centers.