Penetration Tester (offline)
The client is a Ukrainian entity of Top European Retail Bank. We are starting the innovative project in area of Card payments, reporting, accounting.
Goal of project is to implement modern infrastructure to achieve Customers growth, Increase sales & x-sell, Improve customer service, current IT landscape optimization and simplification.
Project team will be 60+ people splitted on several streams/ cross-functional teams.
Delivery Model: Scrum
Project roadmap: 2-3 years (we are planning long-term engagement of the team)
Requirements:
Requirements:
β’ Ability to manually find and exploit vulnerabilities in web and on-premise applications
β’ Experience with various penetration testing tools on Linux, Windows Mac, Android, IOS (Jeb, IDA Pro, Wireshark, Burp Suit, Drozzer, PyCharm, Process hacker, etc.)
β’ Experience at BlackBox and/or WhiteBox application assessment.
β’ Deep knowledge of one or more operating systems (Linux, Windows, Mac, IOS, Android, ect)
β’ Knowledge of different attack techniques (OWASP top 10; WASC; SQL injection; XSS; CSRF; SSRF; XXE; http response splitting; cache poisoning; code injection; MITM http/https, etc...)
β’ Experience with HTML, XML, JavaScript, CSS, SQL, and JSON
β’ Experience to assess security with databases: SQL, nosql, LDAP
β’ Knowledge and understanding of Application Security, System and Network Security, Authentication and Security protocols
Responsibilities:
Vulnerabilities discovery in Manual and Automated ways as part of Penetration testing and Application Security reviews;
Manual test of binaries for vulnerabilities;
Evaluation of security risks and recommendation of threat mitigations;
Documentation of findings; Record PoC videos; Reports presentation;
Security training for internal QA and Development teams;
Goal of project is to implement modern infrastructure to achieve Customers growth, Increase sales & x-sell, Improve customer service, current IT landscape optimization and simplification.
Project team will be 60+ people splitted on several streams/ cross-functional teams.
Delivery Model: Scrum
Project roadmap: 2-3 years (we are planning long-term engagement of the team)
Requirements:
Requirements:
β’ Ability to manually find and exploit vulnerabilities in web and on-premise applications
β’ Experience with various penetration testing tools on Linux, Windows Mac, Android, IOS (Jeb, IDA Pro, Wireshark, Burp Suit, Drozzer, PyCharm, Process hacker, etc.)
β’ Experience at BlackBox and/or WhiteBox application assessment.
β’ Deep knowledge of one or more operating systems (Linux, Windows, Mac, IOS, Android, ect)
β’ Knowledge of different attack techniques (OWASP top 10; WASC; SQL injection; XSS; CSRF; SSRF; XXE; http response splitting; cache poisoning; code injection; MITM http/https, etc...)
β’ Experience with HTML, XML, JavaScript, CSS, SQL, and JSON
β’ Experience to assess security with databases: SQL, nosql, LDAP
β’ Knowledge and understanding of Application Security, System and Network Security, Authentication and Security protocols
Responsibilities:
Vulnerabilities discovery in Manual and Automated ways as part of Penetration testing and Application Security reviews;
Manual test of binaries for vulnerabilities;
Evaluation of security risks and recommendation of threat mitigations;
Documentation of findings; Record PoC videos; Reports presentation;
Security training for internal QA and Development teams;
About Intellias
Intellias is a global IT company with more than 2600 specialists that operates in Ukraine, Poland, Croatia, Bulgaria, Spain, Portugal, Colombia, India, Germany, the United States, and the United Arab Emirates. With more than 20 years of market experience, Intellias creates and supports a human-to-human culture to unite engineers, creators, and innovators.The company develops complex software solutions and provides professional services, specializing in automotive, navigation, financial, and telecommunications technologies. More than two billion people around the world use technology products developed by Intellias engineers. For many years in a row, Intellias has been recognized as one of the best IT employers according to DOU.ua, the largest IT community in Ukraine. In 2020 and 2021, the company was ranked as a top IT employer by Forbes and EY.
Company website:
https://career.intellias.com/
DOU company page:
https://jobs.dou.ua/companies/intellias/
The job ad is no longer active
Job unpublished on
20 May 2021
Look at the current jobs QA Manual Kyiv→
Average salary range of similar jobs in
analytics β
Similar jobs
QA senior Manual Engineer at carma.taxi
Slovakia, Ukraine from $800
Middle Manual QA Engineer (Back-end) at Ajax Systems
Ukraine
All jobs QA Kyiv All jobs Intellias