Security Engineer (Pentester)

Disculpa, pero esta entrada está disponible sólo en Inglés, Ruso y Ucraniano. For the sake of viewer convenience, the content is shown below in this site default language. You may click one of the links to switch the site language to another available language.

Job Summary

In 10Guards we are on a mission to help companies of Ukraine and the world become cyberresilient and help them maintain a balance between safety and flexibility.

And now we are looking for Pentesters’ Team Lead.

Required skills:

  • Master degree in Cybersecurity or similar relevant field, or demonstrated experience with proven results in security contests;
  • Previous working experience as a Security engineer (Pentester) for at least 3 years with demonstrated experience in penetration testing;
  • Experience in people management and security team management;
  • Having a strong concept of common penetration testing frameworks;
  • Showing an expert understanding of network protocols, design, and operations;
  • Possessing practical experience with web application security issues (e. g. OWASP Top 10);
  • Able to read and understand source code (Java, .NET, PHP, C, C#, Python, Ruby, Javascript, etc.);
  • Experienced in Android and IOS mobile application security testing;
  • Knowledgeable about common security tools (Metasploit, Cobalt Strike, mimikatz, nmap, fuzzers, Burp Pro, Acunetix, Nessus Pro, Wireshark, Powershell Empire, etc);
  • Skilled in offensive TTPs (Tactics, Technics, and Procedures) including post-exploitation and lateral movement;
  • Proficient in cryptography concepts and protocols;
  • English – upper-intermediate / advanced;
  • Professional Cybersecurity Certifications: CEH, OSCP, OSCE, CREST, GIAC, CISSP, CISM, CISA, etc. will be Plus.

You want to work with:

  • People management;
  • Security team management;
  • Developing and implementing processes for unstructured projects;
  • Gathering technical and business requirements, maintaining communication with the customer;
  • Detailed reporting and proposal preparation;
  • Testing results and remediation plan presentation – Web application assessment.

 

Supervisory of:

  • Mobile application assessment;
  • Network and host layer vulnerability assessment;
  • API assessment;
  • Threat modeling and Risk assessment;
  • Blackbox, greybox, whitebox manual penetration testing;
  • Application code review and reverse engineering.

 

We offer

  • Official employment;
  • Paid 38 days of annual vacations and sick leaves;
  • Medical insurance;
  • Paid lunches and parking.