Обязанности:Our client is one of the biggest online supermarkets worldwide. DataArt specialists help develop and support its services. We have helped the company to create web-portals and mobile apps, delivery control systems, staff management tools, data storage and much more.
Modern IT-systems have allowed the company to increase the amount of its customers to over half a million. Retail provides a yearly profit of around £1 billion. But our client is determined to earn even more by reselling the technological tools that have led them to their success.
Based on the new IT-infrastructure and the experience of its modifications, the company is working on developing a cross functional system that will be able to fit the interests of other companies that are interested in acquiring such systems. DataArt provides consultation and development of the software for the client in both areas of their activities: online sales and creation of the cross functional retail platform. This project will involve working on Range Management System alongside with our client's own developers to improve resiliency and performance of crucial product catalogue services.
We are not hiring the specialist just for this project, but also for one of the companies of the global DataArt network. When the project is over, or if after some time you no longer are satisfied by the project, you can discuss transitioning to another project with the managers.
Required Skills and Experience
3+ years of experience working in IT.
At least a year of work experience in the field of information security (penetration tester, security analyst, etc.).
Excellent understanding of existing types of vulnerabilities and security threats.
Experience with the vulnerability scoring system CVSS 3.0.
Basic knowledge of any existing methodology for penetration testing (OWASP, WASC, OSSTMM, etc.).
Experience working with specialized tools for manual and automated penetration testing (BurpSuite, Sqlmap, Nmap, Metasploit, Nessus/OpenVAS, Wireshark, KaliLinux etc.).
Experience developing custom auxiliary programs with any programming language.
Basic knowledge of various technologies and architectures (Linux, Windows, Cisco, ActiveDirectory, Java, .NET, etc.).
Basic knowledge of databases and skills working with DBMS (one of the following: MSSQL, Oracle, MySQL, PostgreSQL, etc.).
Experience communicating personally with a client.
The ability to correctly and accurately prepare reports.
Good communication skills.
Stress resistant, self-organized person.
High level of motivation to work and develop professionally in the field of software security.
Good spoken English.
Knowledge of cryptography.
Experience in reverse engineering and source code analysis.
Basic knowledge of security standards (PCIDSS, ISO27000, OWASPTOP10, etc.).
Experience independently conducting a full cycle of product safety analysis (communicating with the client, clarifying details, performing security analysis, creating and submitting a final report, and consulting).
Knowledge of Kubernetes.
Knowledge of Openstack
Basic knowledge of network security.
- Experienced colleagues who are ready to share knowledge;
- The ability to switch projects, technology stacks, try yourself in different roles;
- More than 150 workplaces for advanced training;
- Study and practice of English: courses and communication with colleagues and clients from different countries;
- Support of speakers who make presentations at conferences and meetings of technology communities.
The ability to focus on your work: a lack of bureaucracy and micromanagement, and convenient corporate services;
Friendly atmosphere, concern for the comfort of specialists;
Flexible schedule (there are core mandatory hours), the ability to work remotely upon agreement with colleagues;
The ability to work in any of our development centers