Пошук роботи на robota.uaukraine

Ця вакансія вже завершена

Vodafone Україна  — вакансія в Senior Penetration Tester
Вакансія закрита

Senior Penetration Tester

Vodafone Україна
2 роки тому
28 лютого 2022
Київвул. бульвар Вацлава Гавела, 6

Vodafone Ukraine is an international company with the leading positions in the field of technology and telecommunications, implementing ambitious projects and products in all business spheres, including Cloud Services, Big Data, IoT, Smart City.  

Are you looking for an enriching experience and opportunities to develop your career? Are you passionate about cyber security challenges?  

Requirements:

  • 3+ years of experience in Information Security
  • Strong expertize in performing security analysis and identifying possible vulnerabilities, creating Vulnerability Assessment report 
  • Skilled using various tools like Automatic Scanner, NMAP, Dirbuster, Qualys, Nexpose, Nessus, BurpSuite, Metasploit and etc for web application penetration tests and infrastructure testing
  • GIAC Certified Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) is much appreciated (prefer)

 Responsibilities:

  • Performing security analysis and identifying possible vulnerabilities in the key derivation function, create Vulnerability Assessment report detailing exposures that were identified, rate the severity of the system & suggestions to mitigate any exposures & testing known vulnerabilities
  • OWASP Top 10 Issues identifications like SQLi, CSRF, XSS, Path Manipulation
  • Perform grey box, black box testing of the web applications
  • Create written reports, detailing assessment findings and recommendations
  • Found web site security issues (XSS, CSRF, session fixation, SQL injection, information leakage, application logic etc.) across various platforms
  • Perform risk assessments to ensure corporate compliance
  • Controls on session management like Server-side session states, session termination, Session ID randomness, expiration, Unique tokens, concurrent logged in session, session fixation prevention
  • Develop threat modeling framework (STRIDE, DREAD) for critical applications to identify potential threats during the design phase of applications
  • Code reviews with the help of automation tools
  • Perform the penetration testing of mobile (Android and iOS) applications, specifically, APK reverse engineering, traffic analysis and manipulation, dynamic runtime analysis (prefer)
  • Execute daily vulnerability assessments, threat assessment, mitigation and reporting activities to safeguard information assets and ensure protection has been put in place on the systems
  • Perform, review and analyze security vulnerability data to identify applicability and false positives
  • Work closely with research and development teams for vulnerability remediation
  • Plan and Design Vulnerability assessement process
  • Work with other employees to improve the level of cybersecurity
  • Analyze and assessed risk in the environment
  • Identify issues in the web applications in various categories like Cryptography, Exception Management
  • Work on Vendor based Applications, Middleware and layer products
  • Provide both strategic analysis and near real-time auditing, investigating, reporting, remediation, coordinating and tracking of security-related activities for customer
  • Analyze data and prepared reports that document vulnerabilities from network based attacks and recommended actions to prevent, repair or mitigate these vulnerabilities
  • Perform remediation activities for Applications, OS, Database, Middleware, Digital Certificate, Layer Products, Java
  • Proactively identified system vulnerabilities to reduce or eliminate potential exploitation using Qualys and Passive Vulnerability Scanning
  • Work on Enterprise Release Management and Governance activities
  • Work closely with all competency teams to effectively and efficiently remediate vulnerabilities

We offer:

  • Official employment & social guarantees
  • Flexible work hours and remoted working days 
  • 31 calendar days of vacation
  • Medical insurance 
  • Professional trainings
  • Free mobile communication & discounts for family members
  • Active corporate life 

You are welcome to send  us your CV with the salary expectations.

Vodafone Україна – один з провідних роботодавців, який входит до рейтингу ТОП 20

більше 500  співробітників

з 1994 року  на ринку

  • Офіс у центріОфіс у центрі
  • Медичне страхуванняМедичне страхування
  • Бонуси та преміїБонуси та премії
  • Гнучкий графікГнучкий графік

Схожі вакансії за професіями: