This is a remote position.
Application security analyst - Remote Job, 1+ Year Experience
Annual Income: $58K - $68K
A valid work permit for the US/Canada is required.
About us: Patterned Learning is a platform that aims to help developers code faster and more efficiently. It offers features such as collaborative coding, real-time multiplayer editing, and the ability to build, test, and deploy directly from the browser. The platform also provides tightly integrated code generation, editing, and output capabilities.
Tasks
- Tasks within the SDLC process: analysis of analyzer results, rule refinement, evaluation of their effectiveness;
- Source code analysis of applications in Java;
- Conducting internal penetration tests;
- Diving into the workings of containerized applications, understanding their implementations;
- Preparing recommendations for identified vulnerabilities, taking into account the specifics of the technological stack and implementations.
Requirements
- Experience with DAST (AFL, Fuzzing, Burp), including creating custom “farms”;
- Experience in conducting pen tests for virtualized infrastructure;
- Experience in analyzing mobile applications;
- Programming skills in Java;
- Experience with k8s, Docker;
- Experience with traffic analyzers (Wireshark, etc.);
- Experience in automating routine security processes;
- Understanding of modern software development processes and practices: Agile, SDLC, DevOps, CI/CD;
- Competent written and verbal communication skills (English B1, Russian B2+).
- Successful participation in Bug Bounty programs;
- CTF experience;
- Familiarity with OWASP Testing Guide, OWASP Code Review Guide, OWASP Secure Coding Practices;
- Experience working with and supporting HashiCorp Vault;
- Experience with network vulnerability scanners (Nessus, XSpider, MaxPatrol, etc.).