Penetration Tester
PIN-UP.TECH is one of the directions of the international ecosystem PIN-UP Global, which operates in six countries — Ukraine, Poland, Kazakhstan, Cyprus, Peru, and Armenia. PIN-UP.TECH is the foundation of today’s international ecosystem of PIN-UP Global, the main products of PIN-UP.TECH are platforms for Ukraine and Kazakhstan. PIN-UP Global is an ecosystem of independent companies involved in the life cycle of various entertainment products. Ecosystem companies introduce innovative technologies, non-standard solutions for the development and scaling of products and services.
We are looking for a highly professional and proactive Penetration Tester to join our team in Ukraine, Poland or Cyprus.
Requirements
• 5 years or more of prior experience in penetration testing and vulnerability assessment;
• Experience in drafting recommendations to mitigate the risks associated with uncovered vulnerabilities and weak spots;
• Proficiency in the gambling industry operations and understanding of affiliate partnerships, casino infrastructure, and provider relationships would be a significant advantage;
• Knowledge of industry best practices and standards such as PTES, NIST SP 800-115, OSSTMM, OWASP Testing Guide, PCI SSC Testing Guide;
• Fluent knowledge of OSI model, TCP/IP stack and routing;
• Fluent understanding of web technologies and APIs with the ability to demonstrate expertise in web technology stack;
• Understanding browser security mechanisms such as SOP, CSP, and HSTS;
• Ability to script basic operations for tasks such as parsing and exploiting bugs;
• Excellent communication skills, both written and verbal;
• Strong analytical skills and problem-solving abilities;
• Ability to work collaboratively in a team and independently;
• Deadline-oriented with the capability to manage multiple tasks;
• Cultural adaptability and the ability to work across diverse environments.
Will be plus
• A bachelor’s degree or higher in a relevant field would be a plus;
• Certification or equivalent experience in penetration testing (e.g., CEH, OSCP).
Responsibilities
• Utilize proficient skills with tools such as Burp Suite, various extensions, diverse scanners, and nuances of their configurations to conduct penetration testing effectively;
• Demonstrate expertise in a popular web technology stack to review code when necessary;
• Identify, exploit, and address vulnerabilities outlined in OWASP Top 10, employing comprehensive knowledge of detection, exploitation, and remediation;
• Develop and conduct attacks against existing business logic rules and existing weak spots discovered;
• Analyze systems, construct threat models, strategize exploitation scenarios, and identify weak points;
• Understanding of gambling industry operations including affiliate partnerships, casino infrastructure, and the role of providers to effectively testing gaming platforms;
• Draft recommendations for vulnerability remediation tailored to project specifics.
Our benefits to you
🍀An exciting and challenging job in a fast-growing product ecosystem, the opportunity to be part of a multicultural team of top professionals in Development, Engineering and Architecture, Management, Operations, Marketing, etc;
🤝Great working atmosphere with passionate IT experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed;
📍Beautiful offices in Kyiv, Warsaw, Limassol, Almaty, Yerevan — work with comfort and enjoy the opportunity to build a network of connections with IT professionals day by day;
🧑💻Laptop & all necessary equipment for work according to the ecosystem standards;
🏖Paid vacations, personal events days, days off;
🫖Paid sick leave;
👨⚕Medical insurance;
💵Referral program — enjoy cooperation with your colleagues and get the bonus;
📚Educational support by our L&D team: internal and external trainings and conferences, courses on Udemy;
🗣Free internal English courses;
🤸♀Sport benefit;
🦄Multiple internal activities: online platform with newsletters, quests, gamification and presents for collecting bonuses, PIN-UP talks club for movie and books lovers, board games cozy evenings, special office days dedicated to holidays, etc;
🎳Company events, team buildings.
We are looking for a highly professional and proactive Penetration Tester to join our team in Ukraine, Poland or Cyprus.
Requirements
• 5 years or more of prior experience in penetration testing and vulnerability assessment;
• Experience in drafting recommendations to mitigate the risks associated with uncovered vulnerabilities and weak spots;
• Proficiency in the gambling industry operations and understanding of affiliate partnerships, casino infrastructure, and provider relationships would be a significant advantage;
• Knowledge of industry best practices and standards such as PTES, NIST SP 800-115, OSSTMM, OWASP Testing Guide, PCI SSC Testing Guide;
• Fluent knowledge of OSI model, TCP/IP stack and routing;
• Fluent understanding of web technologies and APIs with the ability to demonstrate expertise in web technology stack;
• Understanding browser security mechanisms such as SOP, CSP, and HSTS;
• Ability to script basic operations for tasks such as parsing and exploiting bugs;
• Excellent communication skills, both written and verbal;
• Strong analytical skills and problem-solving abilities;
• Ability to work collaboratively in a team and independently;
• Deadline-oriented with the capability to manage multiple tasks;
• Cultural adaptability and the ability to work across diverse environments.
Will be plus
• A bachelor’s degree or higher in a relevant field would be a plus;
• Certification or equivalent experience in penetration testing (e.g., CEH, OSCP).
Responsibilities
• Utilize proficient skills with tools such as Burp Suite, various extensions, diverse scanners, and nuances of their configurations to conduct penetration testing effectively;
• Demonstrate expertise in a popular web technology stack to review code when necessary;
• Identify, exploit, and address vulnerabilities outlined in OWASP Top 10, employing comprehensive knowledge of detection, exploitation, and remediation;
• Develop and conduct attacks against existing business logic rules and existing weak spots discovered;
• Analyze systems, construct threat models, strategize exploitation scenarios, and identify weak points;
• Understanding of gambling industry operations including affiliate partnerships, casino infrastructure, and the role of providers to effectively testing gaming platforms;
• Draft recommendations for vulnerability remediation tailored to project specifics.
Our benefits to you
🍀An exciting and challenging job in a fast-growing product ecosystem, the opportunity to be part of a multicultural team of top professionals in Development, Engineering and Architecture, Management, Operations, Marketing, etc;
🤝Great working atmosphere with passionate IT experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed;
📍Beautiful offices in Kyiv, Warsaw, Limassol, Almaty, Yerevan — work with comfort and enjoy the opportunity to build a network of connections with IT professionals day by day;
🧑💻Laptop & all necessary equipment for work according to the ecosystem standards;
🏖Paid vacations, personal events days, days off;
🫖Paid sick leave;
👨⚕Medical insurance;
💵Referral program — enjoy cooperation with your colleagues and get the bonus;
📚Educational support by our L&D team: internal and external trainings and conferences, courses on Udemy;
🗣Free internal English courses;
🤸♀Sport benefit;
🦄Multiple internal activities: online platform with newsletters, quests, gamification and presents for collecting bonuses, PIN-UP talks club for movie and books lovers, board games cozy evenings, special office days dedicated to holidays, etc;
🎳Company events, team buildings.
About PIN-UP Global
PIN-UP Global is an ecosystem of independent companies involved in the life cycle of various entertainment products. PIN-UP Global is divided into directions depending on the profile. In each direction, there can be one or more companies interacting with each other by competition and cooperation. Ecosystem companies introduce innovative technologies, non-standard solutions for the development and scaling of products and services.PIN-UP Global is divided into directions depending on the profile. In each direction, there can be one or more companies interacting with each other by competition and cooperation.
● PIN-UP.TECH
Includes IT companies that specialize in technological solutions that are unique for the market, allowing partners to maintain their leading positions and provide high quality products.
● PIN-UP.BUSINESS
The companies included in it have expertise in the legal field, finance and apply the best practices of marketing communications to achieve the goals of the customer. It also includes an in-house full-cycle recruiting agency.
● PIN-UP.CARE
Directions for working with non-profit organizations that declare the principles of social responsibility in the field of human rights, labor relations, environmental protection and charitable activities.
● PIN-UP.TRAFFIC
The direction provides the development of software and tools for working with affiliate partners. The companies included in PIN-UP.TRAFFIC are responsible for attracting high-quality traffic to the products and services that customers need.
● PIN-UP.CRM
This is a group of companies, the scope and task of which is to build a high-quality level of service and marketing for all customers of the ecosystem. The specialists of PIN-UP.CRM promptly solve problems and simplify the life of customers.
● PIN-UP.TEAM
This segment is focused on important principle of the ecosystem’s culture — well-being of our specialists. To do this, we regularly implement programs not only for adaptation, development and training of employees, but also for leisure activities.
● PIN-UP.PLAY
In this direction are represented independent companies that launching an operation model of online entertainment business under the PIN-UP trademark with requirements of local and international regulators.
Our mission – based on deep market knowledge and the latest technologies, develop the Ecosystem companies and remain industry leaders.
Company website:
https://pin-up.global/
DOU company page:
https://jobs.dou.ua/companies/pin-up-tech/
Job posted on
25 April 2024
113 views 4 applications
113 views 4 applications
Average salary range of similar jobs in
analytics →