WEB Penetration Tester (offline)

More specifically you will:
Web vulnerability assessments and penetration testing of internal products:
• black-box security validation of WEB services and server infrastructure;
• enterprise IT infra penetration testing;
• security reviews according to Secure SDLC process (including requirements, design, source code)

Major Requirements:
• BlackBox and WhiteBox WEB pen.testing and vulnerability assessment experience;
• OWASP Top-10: understanding of common Web Application vulnerabilities;
• crypto: understanding of crypto primitives and protocols (SSL/TLS, authentication & authorization protocols, crypto algs.);
• DB: uderstanding of database operation (PostgreSQL, MongoDB, MySQL, SqLite, MS SQL);
• ability to understand execution logic of JavaScript, Java, C++, .NET;
• toolset: hands-on experience with IDA, GDB, Burp, JEB, scripting (Python), assessment automation tools (fuzz, scan);
• good technical English

Optional Requirements:
• security background (University, relevant prior employment, community activities, CTF);
• knowledge of PTES and NSA Vulnerability and Penetration Testing Standards;
• network security: understanding of WAF, IPS/IDS operation and weaknesses;
• proficient in Scala, Go, Lua code auditing;
• strong understanding of REST, SOAP operation

What we propose
•annual bonus;
• official employment;
• paid 28 days of annual vacations and sick leaves;
• paid days off on Ukrainian official holidays;
• paid maternity leaves;
• opportunity to become an inventor of international patents with paid bonuses;
• medical & life insurance for employees and their children;
• convenient office location (Business Center 101 Tower);
• paid lunches;
• discounts to Samsung products, gym, other services;
• English language courses;
• regular education and self-development on internal courses and seminars, office library

About the project:

Samsung is an amazing place to work with great people in an outstanding environment.
With us, you will have an opportunity to be a part of innovation that makes a real difference in the lives of millions of people worldwide.
Samsung R&D Institute Ukraine (SRK) has been working in Kyiv since 2009.
We develop innovative solutions in Security, Artificial Intelligence, Augmented and Virtual Reality for the next generations of consumer electronics.
SRK contributes to the development of a strong local hi-tech research community by cooperating with the Universities as well as by providing various educational opportunities for the students.

About Samsung R&D Institute Ukraine

Samsung Research and Development Institute Ukraine (SR Ukraine) is one of the units of R&D infrastructure of Samsung Electronics. Our local directions cover R&D activities in such areas as computer vision, next generations of human-computer interfaces based on 3D graphics and recognition technologies; applications for creating and consuming new types of multi-media content; device-2-device and device-2-cloud convergence; information security; artificial intelligence; natural language processing (NLP); human computer interaction (HCI); information retrieval; computational intelligence.

The main goal of the SRUKR is to provide next generation, adaptive, context-aware intelligent services for Samsung products and immersive serendipity across software and hardware eco-systems. We provide prototypes and new generation software development from scratch for embedded devices that gives a chance for Ukrainian engineers to work on technology of the future.

Company offers medical insurance, life insurance for our employees and their children, free lunches, English/Korean courses. Competitive salary; bonus system and effective talent development system for our employees, various learning workshops and trainings.
Ukrainian labor legislation guarantees (in particular, 24 calendar days of annual paid vacations; day-off on Ukrainian official holidays; paid sick leave, paid maternity leave).
Our company is an equal opportunity employer and welcomes application from all qualified candidates. The data provide will only be used for consideration of the applied position or other suitable position in Samsung Electronics Ukraine Cоmpany Ltd. Personal data collected will be used for recruitment purpose only.
In the whole process of recruitment, applicants should be careful not to infringe the trade secret of the company which they have been / were working for.
Please note that Samsung Electronics will never ask applicants to submit any personal documents or sensitive personal data to facilitate the recruitment process.


Надсилаючи своє резюме, Я, надаю ТОВ «Самсунг РнД Інститут Україна» (ЄДРПОУ 44648330) (надалі – «Компанія») право на збір та обробку моєї персональної інформації, а саме прізвища, ім’я та по-батькові, дата народження, контактний номер телефону, адресу електронної пошти (надалі – «Персональні дані») із метою використання цих даних для пошуку та підбору кандидатів на заміщення вакантних посад Компанії, наповнення рекрутингової бази даних Компанії.
Для цього надаю Компанії право:
o на збір, збереження, використання Персональних даних;
o використання Персональних даних для зв’язку зі мною та надсилання мені інформації про вакансію (-ії) в Компанії;
o зберігати Персональні дані в рекрутинговій базі даних Компанії протягом строку існування такої бази;
o видалення Персональних даних з рекрутингової бази даних Компанії у будь-який час на розсуд Компанії.

Ця Згода є безстроковою та може бути відкликана мною за моїм письмовим зверненням на адресу ТОВ «СамсунгРнД Інститут Україна»: 01032, м. Київ, вул. Гетьмана Павла Скоропадського, 57

Company website:
https://www.samsung.com/ua/aboutsamsung/careers/srukraine/

DOU company page:
https://jobs.dou.ua/companies/samsung/