Description

Our Software Code Security Control Department is engaged in

ensuring the security of developed software.

Responsibilities

researching Company-developed software for vulnerabilities;
conducting security audits of applications and services;
checking code for flaws before publication to public repositories;
preparing recommendations for remediating identified vulnerabilities;
monitoring the remediation of defects/vulnerabilities identified during research;
developing the SSDLC practice.

Requirements

practical experience in software security analysis;
practical experience using security analysis tools (Burp, nmap, sqlmap, etc.);
proficiency in web application security testing methodology (OWASP WSTG), knowledge of and experience in identifying the most common threats (OWASP Top 10);
practical experience working with results from static and composition analysis tools to assess the exploitability of identified flaws and potential vulnerabilities;
knowledge of programming languages (Java, JavaScript, C/C++, etc.);
solid knowledge of network technologies and protocols.

Will be a plus:

having relevant certifications (CEH, OSCP, OSWE, etc.);
experience participating in competitions (CTF, etc.);
participation in Bug Bounty programs;
strong programming skills;
participation in relevant conferences;
technical English language skills;
experience in working with and researching AI and LLM.

Conditions

work schedule – hybrid
company-sponsored training: online courses in Sber's Virtual School and unlimited access to the library, training at the Corporate University, trainings, meetups, and the opportunity to gain new qualifications;
employee referral program: you can invite professional acquaintances to the team and receive a reward of up to 100 thousand rubles;
discounts for holidays at the world's best resort complex "Mriya Resort & SPA" in Yalta.
free SberPrime+ subscription, discounts on products from partner companies: Okko, Sber Market, Delivery Club, Samokat, Sber Eapteka and others
VHI, accident and critical illness insurance
preferential loan terms.
vibrant and eventful corporate life
financial assistance and social support, corporate pension program
flexible mortgage discount equal to 1/3 of the Central Bank's key rate

Description

Our Software Code Security Control Department is engaged in

ensuring the security of developed software.

Responsibilities

researching Company-developed software for vulnerabilities;
conducting security audits of applications and services;
checking code for flaws before publication to public repositories;
preparing recommendations for remediating identified vulnerabilities;
monitoring the remediation of defects/vulnerabilities identified during research;
developing the SSDLC practice.

Requirements

practical experience in software security analysis;
practical experience using security analysis tools (Burp, nmap, sqlmap, etc.);
proficiency in web application security testing methodology (OWASP WSTG), knowledge of and experience in identifying the most common threats (OWASP Top 10);
practical experience working with results from static and composition analysis tools to assess the exploitability of identified flaws and potential vulnerabilities;
knowledge of programming languages (Java, JavaScript, C/C++, etc.);
solid knowledge of network technologies and protocols.

Will be a plus:

having relevant certifications (CEH, OSCP, OSWE, etc.);
experience participating in competitions (CTF, etc.);
participation in Bug Bounty programs;
strong programming skills;
participation in relevant conferences;
technical English language skills;
experience in working with and researching AI and LLM.

Conditions

work schedule – hybrid
company-sponsored training: online courses in Sber's Virtual School and unlimited access to the library, training at the Corporate University, trainings, meetups, and the opportunity to gain new qualifications;
employee referral program: you can invite professional acquaintances to the team and receive a reward of up to 100 thousand rubles;
discounts for holidays at the world's best resort complex "Mriya Resort & SPA" in Yalta.
free SberPrime+ subscription, discounts on products from partner companies: Okko, Sber Market, Delivery Club, Samokat, Sber Eapteka and others
VHI, accident and critical illness insurance
preferential loan terms.
vibrant and eventful corporate life
financial assistance and social support, corporate pension program
flexible mortgage discount equal to 1/3 of the Central Bank's key rate

Key Skills

Contacts

Average salary for this role

Details

Description

Responsibilities

Requirements

Conditions

Similar vacancies

Web Application Security Specialist / Penetration Tester

Application Security Engineer

Security Engineer at FanTech

Information Security Specialist (Application Security)

Senior Cybersecurity Engineer

Engineer for the Security Team of Verticals

Эксперт по кибербезопасности

Chief Information Security Officer (CISO)

Application Security Engineer (Secure Application Development Specialist)

Junior Software Vulnerability Analyst (AppSec/Security Research)

Application Security Engineer (Secure Application Development Specialist)

Lead Cybersecurity Expert

Key Skills

Contacts

Average salary for this role

Details

Description

Responsibilities

Requirements

Conditions

Similar vacancies

Web Application Security Specialist / Penetration Tester

Application Security Engineer

Security Engineer at FanTech

Information Security Specialist (Application Security)

Senior Cybersecurity Engineer

Engineer for the Security Team of Verticals

Эксперт по кибербезопасности

Chief Information Security Officer (CISO)

Application Security Engineer (Secure Application Development Specialist)

Junior Software Vulnerability Analyst (AppSec/Security Research)

Application Security Engineer (Secure Application Development Specialist)

Lead Cybersecurity Expert