Responsibilities:
• Perform Web vulnerability assessments and penetration testing.
Major Requirements:
• BlackBox and WhiteBox WEB pentesting and vulnerability assessment.
• Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, HTTP Flooding.
• Deep knowledge of HTTP, HTTPS, HTML, CSS, JavaScript.
• Strong understanding of crypto primitives and protocols (SSL/TLS, authentication & authorization protocols, crypto algs.).
• Deep understanding of database operation (MySQL, SqLite, MS SQL, Postgres).
• Scripting language development experience (Python, Perl or Ruby).
Highly Preferable Skills:
• Strong knowledge of OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards.
• Experience in WEB application components such as ActiveX, flash and other reversing and debugging.
• Understanding of WEB firewall, IPS/IDS operation to circumvent their protections.
• Experienced in: Nessus, Burp, Metasploit Framework/Pro, Social Engineering Toolkit, SqlMap.
• Proficient in code auditing in a range of web languages (Ruby, Perl, Java, ASP, .NET)
Company provides:
• Medical insurance, life insurance for our employees and their children, free lunches, English/Korean courses.
• Competitive salary; bonus system and effective talent development system for our employees, various learning workshops and trainings.
• Ukrainian labor legislation guarantees (in particular, 24 calendar days of annual paid vacations; day-off on Ukrainian official holidays; paid sick leave, paid maternity leave).
• Our company is an equal opportunity employer and welcomes application from all qualified candidates. The data provide will only be used for consideration of the applied position or other suitable position in Samsung Electronics Ukraine Cоmpany Ltd. Personal data collected will be used for recruitment purpose only.
• In the whole process of recruitment, applicants should be careful not to infringe the trade secret of the company which they have been / were working for.
• Please note that Samsung Electronics will never ask applicants to submit any personal documents or sensitive personal data to facilitate the recruitment process.
Отправить резюме