Required work experience: 3–6 years
Full time, full day
Requirements:
- Strong knowledge of network technologies (addressing, routing, network devices, etc.), OS (Windows, Linux / Unix), DBMS.
- Understanding the principles of organizing IT infrastructure and providing information security in modern companies in the SMB and Enterprise segments.
- Fluency in the methods of conducting traditional network attacks, understanding their spectrum of exposure in various environments.
- Skills of working using the command line interface, development of scripts and scripts (cmd, bash, vb script, perl, etc.).
- Knowledge and skills of using regular expressions (regex).
- Strong knowledge and experience in one or several areas: software development (C #, web-technologies, NET, Perl, Go, etc.), analysis of software security (source code), reverse engineering, technical audit of information security.
- Fluency in existing tools for analyzing the security of information systems and software as part of modern distributions for analyzing security (BackTrack, NST, pentoo, Metasploit), preferably knowledge of commercial software products (CoreImpact, Immunity Canvas, Metasploit Express, SAINT).
- Skills in developing proprietary software for identifying a vulnerability or checking for its existence using one or more programming languages.
- Skills in developing security analysis tools, individual verification algorithms, writing exploiting software code (exploit), understanding existing operating methods.
- Experience in participating in hacking competitions for computer systems (CTF, etc.), in specialized conferences.
- Skills and experience in preparing analytical and reporting documents.
- Work experience of at least 3 years in the field of practical analysis of security.
- Confident knowledge and knowledge of technical English tongue.
- Higher (secondary special) technical education.
- Citizenship of Belarus.
Welcome:
- Availability of certificates in the field of IT / IS.
- Experience in detecting software gaps, their subsequent analysis and writing an exploit for them.
- Experience in writing thematic articles, software and methodological documentation on the subject of AS security analysis.
- Knowledge of the best existing foreign practices for conducting penetration tests and approaches to security analysis.
- The presence of our own scientific and technical backlog in this subject area, the desire to improve and the desire to develop career growth.
Duties:
- participation in projects on penetration testing, IS audit, security analysis, investigation of IS incidents;
- presale work with customers, including the preparation and conduct of presentations, the preparation of technical specifications, justifications, and technical parts of the tender documentation;
- preparation of reporting documents on the results of work;
- participation in the development and promotion of the existing set of referral services;
- analytical support of complex projects of a part of profile topics of the direction.
Conditions:
- official registration;
- interesting and promising projects;
- a young, professional and friendly team;
- opportunity for professional growth and career development;
- a high level of salaries and bonuses for successful participation in projects;
- comfortable working conditions.