Software Security Engineer (offline)

Responsibilities:
• Implement Secure SDLC
• Test, triage, review, and provide recommendations for found vulnerabilities

Skills and Qualifications:
• Passionate about security and willing to learn, unlearn and relearn if necessary
• Security background (University, relevant prior employment, community activities, CTF)
• Solid understanding of how the web works, Web Application Security concepts, exploits, and threat prevention
• Hands-on exp. with assessment toolset: IDA, GDB, Burp, JEB, scripting (Python), assessment automation tools (fuzz, scan)
• Reverse engineering experience of mobile/web/desktop apps
• Knowledge of how to make security an integral part of the CI/CD pipeline
• Prior experience in Secure SDLC
• Practical experience with white or grey or black-box software penetration testing
• Understanding how to develop secure system design and secure coding recommendations
• Basic knowledge of programming languages (Python/JS/Java/Go) and experience of scripting
• Knowledge of the most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overflow, brute force, rainbow tables, DoS, etc.) and how they match the general classification
• Practical experience with Amazon AWS security hardening
Certifications in Security, Cloud, etc. will be an advantage

Will be a plus:
• Be a critical thinker and have problem-solving skills
• Good communicator with a bias towards honesty and transparency
• Nice to have one/many certifications such as GXPN, OSCP, OSCE, CEH.
• Awareness of security-related standards and best practices (OSSTMM, OWASP, PTES, NSA Vulnerability, and Penetration Testing Standards)
• Familiarity with network and web application protocols (HTTP, HTTPS, TCP/IP, SAML 2.0, OAuth 2.0, Rest APIs, etc)
• Familiarity with OWASP/NIST guidelines
• Familiar with modern DevOps practices and tools
• Experience in Bug bounties, speaking at conferences, blogging, etc. is highly desirable.

We offer:
• Competitive salary and annual review
• Guaranteed vacation and paid sick leaves
• Opportunity for self-improvement and professional growth programs available (Paid courses, training, conferences);
• Modern office with the recreational area, convenient location, parking, and Apple Macbook equipment provided. Office location near Vasilkivska subway station in Kyiv or remote cooperation
• Relocation support for candidates from other cities/countries

About Binaryx

We are Binaryx - a European IT product company with R&D based in Kyiv, Ukraine.
Our product offers the best-in-class cryptocurrency trading and exchange experiences for both professional and non-professional users. Our goal is to build an entire ecosystem where users can trade, learn and monetize their skills & knowledge in cryptocurrencies.
To get more familiar with the company and the product please watch our video: https://youtu.be/88ub0IsZcJo or visit our web page on https://www.binaryx.com/

Company website:
https://www.binaryx.com/

DOU company page:
https://jobs.dou.ua/companies/binaryx/