София
София

About the vacancy

Our client is one of the biggest online supermarkets worldwide. DataArt specialists help develop and support its services. We have helped the company to create web-portals and mobile apps, delivery control systems, staff management tools, data storage and much more.

Modern IT-systems have allowed the company to increase the amount of its customers to over half a million. Retail provides a yearly profit of around £1 billion. But our client is determined to earn even more by reselling the technological tools that have led them to their success.

Based on the new IT-infrastructure and the experience of its modifications, the company is working on developing a cross functional system that will be able to fit the interests of other companies that are interested in acquiring such systems. DataArt provides consultation and development of the software for the client in both areas of their activities: online sales and creation of the cross functional retail platform. This project will involve working on Range Management System alongside with our client's own developers to improve resiliency and performance of crucial product catalogue services.

We are not hiring the specialist just for this project, but also for one of the companies of the global DataArt network. When the project is over, or if after some time you no longer are satisfied by the project, you can discuss transitioning to another project with the managers.

Responsibilities

  • Conduct security threat analysis (applications and network infrastructure in general) to detect and close potential vulnerabilities;
  • Perform penetration testing using black box methodologies;
  • Inform client’s representatives about discovered vulnerabilities by creating a detailed report (including a description of possible risks and recommendations for correcting vulnerabilities);
  • Support the process of fixing vulnerabilities;
  • Participate in the development of mechanisms for monitoring the creation of secure code;
  • Continuous communication with the client to determine necessary details and tasks;
  • Active participation in all activities of the company's security department (searching for new vulnerabilities, developing support programs, participating in conferences, etc.).

Must have

  • 3+ years of experience working in IT.
  • At least a year of work experience in the field of information security (penetration tester, security analyst, etc.).
  • Excellent understanding of existing types of vulnerabilities and security threats.
  • Experience with the vulnerability scoring system CVSS 3.0.
  • Basic knowledge of any existing methodology for penetration testing (OWASP, WASC, OSSTMM, etc.).
  • Experience working with specialized tools for manual and automated penetration testing (BurpSuite, Sqlmap, Nmap, Metasploit, Nessus/OpenVAS, Wireshark, KaliLinux etc.).
  • Experience developing custom auxiliary programs with any programming language.
  • Basic knowledge of various technologies and architectures (Linux, Windows, Cisco, ActiveDirectory, Java, .NET, etc.).
  • Basic knowledge of databases and skills working with DBMS (one of the following: MSSQL, Oracle, MySQL, PostgreSQL, etc.).
  • Experience communicating personally with a client.
  • The ability to correctly and accurately prepare reports.
  • Good communication skills.
  • Stress resistant, self-organized person.
  • High level of motivation to work and develop professionally in the field of software security.
  • Good spoken English.

Would be a plus

  • Knowledge of cryptography.
  • Experience in reverse engineering and source code analysis.
  • Basic knowledge of security standards (PCIDSS, ISO27000, OWASPTOP10, etc.).
  • Experience independently conducting a full cycle of product safety analysis (communicating with the client, clarifying details, performing security analysis, creating and submitting a final report, and consulting).
  • Knowledge of Kubernetes.
  • Knowledge of Openstack.
  • Basic knowledge of network security.

За работата в DataArt:

На първо място - хората

Взаимоотношенията в екипа се градят на взаимно уважение, независимо от различнията ни

  • Дългосрочно сътрудничество
  • Уважение към личността и свобода при взимането на решения
  • Гъвкаво работно време, уютен и модерен офис, възможност за работа от разстояние
  • Допълнително здравно осигуряване
  • Храна и напитки в офиса

Професионализъм

Възможност за развитие и реализация

  • Екип от квалифицирани професионалисти и работа по интересни проекти
  • Възможност за продължаващо обучение
  • Уроци по английски език
  • Добре развита вътрешна информационна система
  • Кариерно развитие

Гъвкавост

Възмоност да натрупате опит, да участвате в нови проекти и да се развивате

  • Наемаме хора на постоянен договор, а не за отделен проект
  • При нас няма стриктна йерархия
  • Без заповеди и строги правила
  • Дори и да растем и да се променяме, основните ценнисти, залегнали в политиката на DataArt, остават същите
  • Възможност да работите от различни точки на света, в които DataArt има офис. Ние ще ви окажем съдействие за временна или постоянна релокация

Доверие

Ние разчитаме един на друг и нашата политика е свързана с доверие, тъй като смятаме, че хората са основна ценност за една компания

  • Ролята на мениджърите в DataArt е да създават среда, в която хората да са способни да взимат свои собствени решения
  • Справедливи правила и политики, даващи равни условия на всеки член на екипа
  • Не толерираме надмощието и конкуренцията между колегите, вместо това стимулираме способността да се работи в екип

Не виждате подходяща позиция?

Изпратете ни автобиографията си, а ние ще отговорим с интересни предложения

Изпрати

Не виждате подходяща позиция?

Изпратете ни автобиографията си, а ние ще отговорим с интересни предложения

Изпрати