July 23, 2024
Security Engineer Kyiv, abroad, remotely This is us: mono is a multi-product fintech company from Ukraine. Since 2017, millions of people have been purring from our products: monobank, Experienza, Base... We strive to create even more for our ecosystem. you: Deep understanding of common types of vulnerabilities, attack vectors and methods of their elimination Experience with security tools and technologies such as static and dynamic analysis tools, web application fi
July 23, 2024
Security Engineer
Kyiv, abroad, remotely
This is us:
mono is a multi-product fintech company from Ukraine. Since 2017, millions of people have been purring from our products: monobank, Experienza, Base... We strive to create even more for our ecosystem.
you:
- Deep understanding of common types of vulnerabilities, attack vectors and methods of their elimination
- Experience with security tools and technologies such as static and dynamic analysis tools, web application firewalls, etc.
- Knowledge of security standards and frameworks (eg OWASP, PCI-DSS, GDPR, ISO 27001)
- Security knowledge: deep understanding of network access, identity and access management, application cryptography, network security techniques and secure software development techniques (SSDLC)
- Understanding of modern authentication and authorization protocols (SAML, OpenID Connect (OIDC))
- Experience with AWS cloud security - knowledge of AWS Shield, AWS WAF, AWS Config, AWS Inspector, AWS System Manager , engineering, mathematics or similar
- Experience conducting security audits, penetration testing or offensive security
- CEH, OSCP, CISSP, CCSP or similar certification
- Scripting skills (e.g. Bash, Python, PowerShell, SQL or similar platform)
- Good English communication skills (oral and written)
- Experience with infrastructure automation tools such as Terraform or templates AWS CloudFormation
We trust you:
- Vulnerability management
- Implementation of appropriate technical and organizational security measures to reduce identified risks, with an emphasis on automating these activities where possible
- Collaborating with development teams to integrate security best practices into the software development lifecycle
- Implementing infrastructure-as-code (IaC) security measures, protecting critical aspects of our infrastructure and ensuring secure deployments
- Implementation of security controls in the cloud
We guarantee:
- Decent remuneration and its regular review based on results
- Flexible work schedule without trackers and paranoia
- Possibility of hybrid work or completely remote
- Vacation 18 working days per year + 2 days for force majeure + 6 days for training
- Paid day-offs based on health status - without SMS and hospital letters
- Corporate English courses
- 100% health insurance + mental health support
- Platinum card from monobank and pundits from our partners
🇺🇦 We support the defense forces of Ukraine with our own funds, develop a culture of donation
Process:
h3>🐾 meeting with a recruiter → technical interview → offer 🐾