Software Penetration Tester

Job Description:

Vulnerability assessment and penetration testing of various Linux OS security components and mechanisms:

- vulnerability assessment of Samsung mobile security software: security source code review (white box) and binary analysis (black box)

- secure SDLC process support (including requirements, design security review)

- emerging threats research: new attack methods, (un)known security issues risks

Major Requirements:

- 2+ years of hands-on experience with white and black box software penetration testing and vulnerability assessment

- understanding of typical software security issues (memory corruptions, various injections, arithmetic overflows, etc.) and how to protect against them

- good experience with C/C++, scripting languages, assembly (Arm preferred)

- ability to document and describe discovered security issues

Optional Requirements:

- exploitation experience

- understanding of Linux security architecture and design flaws exploitation (privilege escalation, MAC/DAC Passover oth.).

- Rust language knowledge

- tools: experience with fuzzers, disassemblers, debuggers, assessment automation tools

- cryptography: exploitation experience (weak keys, bruteforce, weak crypto, etc.)

- experience with assessing protected solutions (obfuscated / packed code)

Working Conditions:

- official employment - GIG contract

- remote work is possible as well as work in Kyiv office

Benefits:

- competitive salary, annual salary review, annual bonuses

- paid 28 work days of annual vacations and sick leaves

- opportunity to become an inventor of international patents with paid bonuses

- medical & life insurance for employees and their children

- paid lunches

- discounts to Samsung products, services

- regular education and self-development on internal courses and seminars

- hybrid work format, working in office is required for some tasks