Information Security Officer
|Требования:||3+ years of experience working in IT. |
At least a year of work experience in the field of information security (penetration tester, security analyst, etc.).
Excellent understanding of existing types of vulnerabilities and security threats.
Basic knowledge of any existing methodology for penetration testing (OWASP, WASC, OSSTMM, etc.).
Experience working with specialized tools for manual and automated penetration testing (BurpSuite, Sqlmap, Nmap, Metasploit, Nessus/OpenVAS, Wireshark, KaliLinux etc.).
Experience developing custom auxiliary programs with any programming language.
Basic knowledge of various technologies and architectures (Linux, Windows, Cisco, ActiveDirectory, Java, .NET, etc.).
Basic knowledge of databases and skills working with DBMS (one of the following: MSSQL, Oracle, MySQL, PostgreSQL, etc.).
Experience communicating personally with a client.
Good spoken English.
Knowledge of cryptography.
Experience in reverse engineering and source code analysis.
Basic knowledge of security standards (PCIDSS, ISO27000, OWASPTOP10, etc.).
Experience independently conducting a full cycle of product safety analysis (communicating with the client, clarifying details, performing security analysis, creating and submitting a final report, and consulting).