Cyber Security Engineer (Vulnerability research and Pentesting for WEB/GCP), Product Security Assurance $3000-6000

Join the team where you will be involved in the different kinds of security analysis and automation in the Google cloud infrastructure. Flexible work schedule and good salary are guaranteed.

Your primary tasks will be:

- vulnerability assessments of web applications

- vulnerability assessments of GCP/GKE infrastructures

- secure code reviews

- penetration testing

- modification and tuning of fuzzing tools

- development of custom rules and modification of code analysis tools

- modification and tuning of cloud infrastructure audit tools

- developing PoC and provide other extended proofs of vulnerability severity level

- providing guidance and training to software development and operational teams

- developing secure coding standards and rules for IDE/CI tools which support that standards

- developing challenges/skills tests for software development teams

We expect from you:

* experience in shell scripting and python programming

* experience with web-application security testing(far behind the OWASP TOP 10)

* experience with security of OpenID/Oauth2/SAML protocols

* experience with parsing code, including AST representations and grammar parsing

* knowledge of common web application architectures

For sure you need:

* Read PHP/JavaScript code

* have an in-depth knowledge of HTTP protocol

* being familiar with Docker, Kubernetes, GCP tools

* know well acronyms and their appropriate use (CVE, CVSS, CWE :)

* being a fun of PortSwigger blog

* being a CTF player

* have known pentest certifications (OSCP/CEH/BSCP/HTB CPST or similar)

In addition we expect from you:

* being a strong team player

* effectively communicate findings and remediation approaches

* have ability to take ownership of features you ship

* have interest in the feature/product vision

* being self-learner, strong can-do attitude and great interpersonal skills.

* being comfortable with writing documentation (a lot of documentation)

A big plus is:

- Google Cloud certification

- Kubernetes certification

- Terraform certification

- BigQuery SQL perfect knowledge

- SSO, Oauth2, OIDC, SAML experience

Why work at Pakurity?

* We’re a well-funded company from 2014 with several key customers

* We have a pragmatic, ready to change and adopt culture

* We are focused to provide high quality services to our customers and being proactive in their needs

* We have credit of trust from our customers and freedom to choose solutions to address their needs

When you join Pakurity, you can expect:

* Competitive compensation

* Flexible hours and additional study days

* Career growth

In any case if you're passionate about high load/security projects you will be able to grow quickly in terms of financial gain and professional development.

Про компанію Pakurity

Pakurity is a team of cyber-security professionals. We are based in Ukraine but provide services all over the world. Our core services:

- penetration testing

- incident response

- IT audit

- secure software development training

We look for interns.