DataArt Company Profile

Senior Information Security Engineer

DataArt

Job Description

The client creates technological solutions for the land passenger transport market. The company’s main development center is located in Berlin, and its solutions are used in several dozen countries around the world. The service which DataArt is helping to develop connects passengers and drivers via a mobile application and an online portal. A flexible API allows the service to integrate with other travel systems, linking the client’s service with partner websites and booking tools.

DataArt’s specialists helped integrate travel services as well as updated and optimized the product’s internal systems (microservice architecture). DataArt developed a notifications mechanism that supports various devices. Сurrently, our main focus is back on integration with external services.

We hire people not to a project, but to the company. If the project (or your work in it) is over, you go to another project or to a paid “Idle”.

Must have

  • 5+ years of experience in IT Security field
  • 3+ years of professional software development experience in at least one of the following languages: Ruby, GO, Python and/or JavaScript
  • Excellent understanding of existing types of vulnerabilities and security threats
  • Basic knowledge of existing methodologies for penetration testing (OWASP, WASC, OSSTMM, etc.)
  • Experience working with specialized tools for manual and automated penetration testing (BurpSuite, Sqlmap, Nmap, Metasploit, Nessus/OpenVAS, Wireshark, KaliLinux etc.);
  • Knowledge of security standards (PCIDSS, ISO27000, OWASP TOP 10, etc.)
  • Knowledge of authentication such as OAUTH and SSO technologies such as OIDC, SAML and AWS IAM
  • Understanding of cloud technologies (AWS and Infrastructure as Code)
  • Experience with automation tools, CI/CD technologies are preferred
  • Basic knowledge of various technologies and architectures (Linux, Windows, Cisco, ActiveDirectory, Java, .NET, etc.)
  • Basic knowledge of databases and skills working with DBMS (one of the following: MSSQL, Oracle, MySQL, PostgreSQL, etc.)
  • Experience of direct communications with clients
  • Stress resistant, self-organized person
  • Excellent communication skills
  • Good spoken English

Would be a plus

  • Experience holding workshops and training sessions for developers
  • Extensive experience with Security Management Systems (ISO 27001 or similar)
  • Certifications: CISSP, CISM, CASP, CISA, OSCP, other vendor certifications are welcome
  • Management experience
  • Leadership skills

Learn more about our policy of equal opportunities in employment

Find your dream job