Discover Your Next Cybersecurity Role!
This is a remote
position.
Application security analyst (1 year experience, remote)
Be part of our future! This job posting builds our talent pool for potential future openings. We'll compare your skills and experience against both current and future needs. If there's a match, we'll contact you directly. No guarantee of immediate placement, and we only consider applications from US/Canada residents during the application process.
Hiring Type: Full-Time
Base Salary: $62K-$72K Per Annum.
Tasks
Application security analyst (1 year experience, remote)
Be part of our future! This job posting builds our talent pool for potential future openings. We'll compare your skills and experience against both current and future needs. If there's a match, we'll contact you directly. No guarantee of immediate placement, and we only consider applications from US/Canada residents during the application process.
Hiring Type: Full-Time
Base Salary: $62K-$72K Per Annum.
Tasks
- Tasks within the SDLC process: analysis of analyzer results, rule refinement, evaluation of their effectiveness;
- Source code analysis of applications in Java;
- Conducting internal penetration tests;
- Diving into the workings of containerized applications, understanding their implementations;
- Preparing recommendations for identified vulnerabilities, taking into account the specifics of the technological
stack and implementations.
- Experience with DAST (AFL, Fuzzing, Burp), including creating custom “farms”;
- Experience in conducting pen tests for virtualized infrastructure;
- Experience in analyzing mobile applications;
- Programming skills in Java;
- Experience with k8s, Docker;
- Experience with traffic analyzers (Wireshark, etc.);
- Experience in automating routine security processes;
- Understanding of modern software development processes and practices: Agile, SDLC, DevOps, CI/CD;
- Competent written and verbal communication skills (English B1, Russian B2+).
- Successful participation in Bug Bounty programs;
- CTF experience;
- Familiarity with OWASP Testing Guide, OWASP Code Review Guide, OWASP Secure Coding Practices;
- Experience working with and supporting HashiCorp Vault;
- Experience with network vulnerability scanners (Nessus, XSpider, MaxPatrol, etc.).