WEB Assessment Engineer (offline)

Job Description:

Samsung R&D Institute Ukraine is looking for a passionate and collaborative WEB Security Assessment engineer to join our team.

You will be involved in preventive security review and penetration testing of our online solutions in use by hundreds of millions of users worldwide.

If you love working directly on consumer-facing products we are glad to meet you at our team of professionals in Samsung R&D Institute Ukraine.

More specifically you will:

- perform vulnerability assessments of Samsung online services
- make blackbox penetration testing of production WEB services and server infrastructure
- make blackbox/greybox security validation of cloud infrastructure
- make blackbox penetration testing of enterprise IT infrastructure
- engage in emerging threats research: new attack methods, threat modelling, security bug hunting

Major Requirements:

- BlackBox and WhiteBox WEB pen.testing and vulnerability assessment experience
- BlackBox pen.test experience of cloud infrastructures and services
- OWASP Top-10: understanding of common Web Application vulnerabilities
- DB: understanding of database operation (pref. PostgreSQL, MongoDB, MySQL, SQLite, MS SQL)
- technical English (strong reporting skills, ability to communicate with colleagues worldwide)

Optional Requirements:

- security background (relevant University education, relevant prior employment, community activities, CTF participation)
- cryptography: understanding of crypto primitives and protocols (SSL/TLS, authentication & authorization protocols, crypto algs.)
- strong understanding of REST, SOAP operation
- pen.test experience of solutions hosted on popular cloud platforms (Alibaba, GCP, Azure, AWS)
- toolset: hands-on experience with Burp, scripting (Python), assessment automation tools (fuzz, scan)
- network security: understanding of WAF, CDN, IPS/IDS operation and weaknesses
- understanding of Devices-to-Cloud Services assessment principles
- understanding of OSINT tools and techniques

Working Conditions:

- official employment, as per Ukrainian labor law (regular employee) or GIG contract
- remote work is possible as well as work in Kyiv office

Benefits:

- competitive salary, annual salary review, annual bonuses
- paid 28 work days of annual vacations and sick leaves
- opportunity to become an inventor of international patents with paid bonuses
- medical & life insurance for employees and their children
- paid lunches
- discounts to Samsung products, gym, restaurants, services
- regular education and self-development on internal courses and seminars
- hybrid work format, working in office is required for some tasks

About Samsung R&D Institute Ukraine

Samsung Research and Development Institute Ukraine (SR Ukraine) is one of the units of R&D infrastructure of Samsung Electronics. Our local directions cover R&D activities in such areas as computer vision, next generations of human-computer interfaces based on 3D graphics and recognition technologies; applications for creating and consuming new types of multi-media content; device-2-device and device-2-cloud convergence; information security; artificial intelligence; natural language processing (NLP); human computer interaction (HCI); information retrieval; computational intelligence.

The main goal of the SRUKR is to provide next generation, adaptive, context-aware intelligent services for Samsung products and immersive serendipity across software and hardware eco-systems. We provide prototypes and new generation software development from scratch for embedded devices that gives a chance for Ukrainian engineers to work on technology of the future.

Company offers medical insurance, life insurance for our employees and their children, free lunches, English/Korean courses. Competitive salary; bonus system and effective talent development system for our employees, various learning workshops and trainings.
Ukrainian labor legislation guarantees (in particular, 24 calendar days of annual paid vacations; day-off on Ukrainian official holidays; paid sick leave, paid maternity leave).
Our company is an equal opportunity employer and welcomes application from all qualified candidates. The data provide will only be used for consideration of the applied position or other suitable position in Samsung Electronics Ukraine Cоmpany Ltd. Personal data collected will be used for recruitment purpose only.
In the whole process of recruitment, applicants should be careful not to infringe the trade secret of the company which they have been / were working for.
Please note that Samsung Electronics will never ask applicants to submit any personal documents or sensitive personal data to facilitate the recruitment process.


Надсилаючи своє резюме, Я, надаю ТОВ «Самсунг РнД Інститут Україна» (ЄДРПОУ 44648330) (надалі – «Компанія») право на збір та обробку моєї персональної інформації, а саме прізвища, ім’я та по-батькові, дата народження, контактний номер телефону, адресу електронної пошти (надалі – «Персональні дані») із метою використання цих даних для пошуку та підбору кандидатів на заміщення вакантних посад Компанії, наповнення рекрутингової бази даних Компанії.
Для цього надаю Компанії право:
o на збір, збереження, використання Персональних даних;
o використання Персональних даних для зв’язку зі мною та надсилання мені інформації про вакансію (-ії) в Компанії;
o зберігати Персональні дані в рекрутинговій базі даних Компанії протягом строку існування такої бази;
o видалення Персональних даних з рекрутингової бази даних Компанії у будь-який час на розсуд Компанії.

Ця Згода є безстроковою та може бути відкликана мною за моїм письмовим зверненням на адресу ТОВ «СамсунгРнД Інститут Україна»: 01032, м. Київ, вул. Гетьмана Павла Скоропадського, 57

Company website:
https://www.samsung.com/ua/aboutsamsung/careers/srukraine/

DOU company page:
https://jobs.dou.ua/companies/samsung/