Backend Developer
генерация резюме под вакансию
сопроводительное письмо
описание
Sporty Group operates as a technology company focused on the sports entertainment and betting industry. It develops digital platforms and infrastructure to provide sports-related services to a global audience.
задачи
- Monitor, map, and test the entire external attack surface, including all external domains, subdomains, websites, and public IP addresses;
- Conduct adversary emulation exercises against internal and office endpoints to validate the effectiveness of EDR, XDR, and SOC monitoring platforms;
- Evaluate the security posture of physical office hardware, corporate network equipment, and internal edge infrastructure;
- Perform scoped offensive testing on external-facing web applications and public-facing API endpoints;
- Translate external discovery, DNS security posture, network access control weaknesses, and EDR emulation findings into repeatable defensive checks;
- Support the Purple Team in validating EDR policies, perimeter controls, firewall rules, and network segmentation;
- Document multi-stage network or system exploitation chains to provide practical, reproducible remediation blueprints;
- Support IT and Network analysts with vulnerability descriptions, triage steps, severity logic, and escalation guidance;
- Improve external asset tracking, perimeter health records, and exposure trend mapping;
- Track external vulnerability gaps, emulation success rates, remediation times, asset health, and perimeter exposure.
требования
- Experience in offensive security, perimeter penetration testing, network security assessments, or adversary emulation;
- Strong understanding of external asset discovery, DNS configuration vulnerabilities, and public IP network routing;
- Practical experience auditing and testing Linux and Windows environments and underlying network services;
- Ability to perform adversary emulation and bypass techniques against modern EDR/XDR solutions;
- Familiarity with testing physical office network hardware, routers, switches, firewalls, and workplace IT systems;
- Ability to turn external exposures and technical network risks into clear, actionable fixes;
- Experience with core web vulnerabilities and scoped testing of modern API interfaces;
- Strong scripting ability in Python, PowerShell, Bash, or similar to automate workflows;
- Good understanding of scanning, reconnaissance, and interception tools;
- Strong documentation skills;
- Nice to have: Kali Linux, Nmap, Shodan, Censys, Masscan, Amass, Wireshark, Burp Suite, OWASP ZAP, Microsoft Defender XDR, CrowdStrike Falcon, SentinelOne, Atomic Red Team, Caldera, Git, Jira, Confluence.
условия
- Competitive salary plus individual performance-based bonuses every quarter;
- 28 Days paid annual leave;
- Core working hours of 10am-3pm in your local time zone with flexibility;
- Referral bonuses and flash bonuses;
- Top-of-the-line equipment;
- Annual company retreats.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.