Conducting complex web application security audits
Decision making at the cybersecurity architectural committee
Interaction with development teams to fix vulnerabilities and implement new cybersecurity features
Implementing new processes (e.g. scanning for secrets in source code, incident investigation)
Consulting development teams on complex security issues
Conducting investigations into cybersecurity incidents
Conducting large-scale security awareness activities, such as CTF
Conducting projects involving 2 or more teams, such as a hacker attack simulation
Qualifications
A higher education in IT, ideally information security
Knowledge of at least one high-level programming language, ideally Golang
Understands all types of vulnerabilities (web + mobile)
Understands the principles of the main protocols used in development and security
Has experience of failures and lessons learned in solving all types of AppSec tasks
Has positive experience in implementing new tools and processes
Has high maturity, can independently plan and implement large projects
Basic skills in infrastructure security: proxy servers, docker, k8s, CI/CD
Knowledge of how SDLC works in practice
Ability to write complex SQL queries to find anomalies in a database
Conditions & Benefits
Relocation to company offices in Kazakhstan or Cyprus;
Unlimited opportunities for professional and career growth, regular external and internal training from our partners;
Partially or fully paid additional training courses, English classes with a teacher in the office;
Personal growth programs in which we set goals and move towards them together;
Become part of an international team of professionals and just good people who together create one of the coolest success stories in the global IT industry.