Description

Sber's Security Assessment Department is looking for specialists ready to contribute to enhancing the resilience of a large infrastructure against modern cyber threats and to take on new challenges together with us.

Responsibilities

conducting attacks on the bank's internal and external platforms (Red Team attacks), including the use of social engineering and initiating simulated fraudulent operations
periodic vulnerability testing of automated management systems (AS CA, TB, and GOSB)
preparing reports with recommendations for eliminating found vulnerabilities, assessing the effectiveness of anti-fraud systems and information security tools.

Requirements

at least 2 years of work experience in the field of security analysis
expert knowledge and practical skills in one of the specializations (web, network infrastructure, infrastructure software, etc.)
knowledge and experience in applying security analysis methodologies (PTES/MITRE/PCI DSS)
proficiency in main penetration testing tools
automation of routine tasks (Bash/Python)
understanding of the Cyber Kill Chain concept, experience implementing TTPs from MITRE ATT&CK
experience in exploiting vulnerabilities in Active Directory, Windows/*nix OS, network infrastructure, web applications
knowledge of the enterprise threat landscape (Active Directory environment, DBMS clusters, virtualized and containerized environments, etc.)
basic knowledge in the field of AI/LLM.

Conditions

comfortable modern office
annual salary review and annual bonus
corporate gym and rest areas
more than 400 educational programs from SberUniversity for professional and career development
adaptation program and manager's assistance at the start
extended voluntary health insurance, preferential insurance for family and corporate pension program
flexible mortgage discount, equal to 1/3 of the Central Bank's key rate
free SberPrime+ subscription, discounts on products from partner companies
referral bonus for recommending friends to join the Sber team.

Description

Responsibilities

conducting attacks on the bank's internal and external platforms (Red Team attacks), including the use of social engineering and initiating simulated fraudulent operations
periodic vulnerability testing of automated management systems (AS CA, TB, and GOSB)
preparing reports with recommendations for eliminating found vulnerabilities, assessing the effectiveness of anti-fraud systems and information security tools.

Requirements

at least 2 years of work experience in the field of security analysis
expert knowledge and practical skills in one of the specializations (web, network infrastructure, infrastructure software, etc.)
knowledge and experience in applying security analysis methodologies (PTES/MITRE/PCI DSS)
proficiency in main penetration testing tools
automation of routine tasks (Bash/Python)
understanding of the Cyber Kill Chain concept, experience implementing TTPs from MITRE ATT&CK
experience in exploiting vulnerabilities in Active Directory, Windows/*nix OS, network infrastructure, web applications
knowledge of the enterprise threat landscape (Active Directory environment, DBMS clusters, virtualized and containerized environments, etc.)
basic knowledge in the field of AI/LLM.

Conditions

comfortable modern office
annual salary review and annual bonus
corporate gym and rest areas
more than 400 educational programs from SberUniversity for professional and career development
adaptation program and manager's assistance at the start
extended voluntary health insurance, preferential insurance for family and corporate pension program
flexible mortgage discount, equal to 1/3 of the Central Bank's key rate
free SberPrime+ subscription, discounts on products from partner companies
referral bonus for recommending friends to join the Sber team.

Key Skills

Contacts

Details

Description

Responsibilities

Requirements

Conditions

Similar vacancies

Department Head (Red Team, MARS)

Red Team Engineer

Principal Use Cases Expert

Head of Cybersecurity Direction

Lead Cybersecurity Expert

Senior Cybersecurity Engineer

Head of Anti-Fraud Direction

Threat Hunter | Windows Empire Defender

Executive Director (Cybersecurity)

Cybersecurity Expert

Эксперт по кибербезопасности

Software Security Analysis Specialist (Pentest/Security Researcher)

Key Skills

Contacts

Details

Description

Responsibilities

Requirements

Conditions

Similar vacancies

Department Head (Red Team, MARS)

Red Team Engineer

Principal Use Cases Expert

Head of Cybersecurity Direction

Lead Cybersecurity Expert

Senior Cybersecurity Engineer

Head of Anti-Fraud Direction

Threat Hunter | Windows Empire Defender

Executive Director (Cybersecurity)

Cybersecurity Expert

Эксперт по кибербезопасности

Software Security Analysis Specialist (Pentest/Security Researcher)