Application Security Expert

To respond
ADVANTAGES OF WORKING IN OUR COMPANY:
  • A unique opportunity to be an innovator in the implementation of information technologies in the industrial sector of Ukraine.
  • Acquiring the skill of performing complex tasks within one large product.
  • Interaction with a strong, proactive, open-minded team.
  • Opportunity to implement your proposals and innovations.
  • Work support, accompaniment and 1-to-1 meetings with the manager.
  • The ability to organize training or trainings within the company to transfer experience to your team.
  • Participation in workshops and trainings within the company, specialized conferences.
  • Participation in competitions within the company to identify and implement creative and initiatives.
WHAT DO YOU NEED TO DO?
  • Perform security analysis of application infrastructure and development / test environments.
  • Formulate security requirements for the developed and purchased applications and their components.
  • Perform security analysis of developed and purchased applications: search, analysis, exploitation of vulnerabilities, analysis of source code, identification of abnormal / malicious behavior.
  • Implement security solutions and applications.
  • Maintain and develop application security for large corporate clients.
  • Participate in projects, provide advice on the development of application infrastructure security.
  • Develop documentation (HLD, LLD, documents according to DSTU).
  • Monitoring of infrastructure processes and events within the area of ​​responsibility.
  • Participate in the response and analysis of application security incidents.
  • Provide technical advice to improve the application development process in general and individual products in particular.
SKILLS REQUIRED:
  • Higher education in the field of IT, information security.
  • Work experience: at least 5 years in the field of IT / IS.
  • Knowledge of information protection methods in applications.
  • Experience in building a secure development cycle for applications and services (DevSecOps).
  • Experience in using applied systems for monitoring, scanning and analyzing information security applications and code (SAST / DAST, DPA).
  • Knowledge of web technologies (HTML5, CSS, ASP.NET, etc.), OOP principles, C #, Javascript, Java, Python and the risks of information security for them.
  • Experience with MS SQL. Experience in using OWASP approaches, WAF class systems.
  • Knowledge of application containerization technologies.
EXTRA SKILLS:
  • Experience in project management.
  • Experience in incident response and analysis.
  • English - Intermediate level.
WHAT DO WE OFFER:
  • Competitive salary with flexible bonus system.
  • Full official employment and security according to the Labor Code.
  • Health insurance.
  • Corporate mobile communication, which is paid for by the company.
  • The percentage of business trips from working time is 20%.
  • Periodic corporate events, including sports.
To respond
Do you know who the vacancy is suitable for? Share it and get +10 karma

Do you want to work with us? Write!

logo