security engineer
генерация резюме под вакансию
сопроводительное письмо
описание
Chillbase is an independent and innovative gaming studio focused on crafting outstanding products.
задачи
- Conduct end-to-end penetration testing of web applications, APIs, internal and external infrastructure, cloud environments, and Kubernetes clusters;
- Perform vulnerability assessments and identify security weaknesses across products, infrastructure, and cloud environments;
- Simulate real-world attack scenarios, including privilege escalation, lateral movement, persistence, and attack path analysis;
- Participate in red team exercises and offensive security initiatives;
- Assess the security of cloud-native services, CI/CD pipelines, containerized environments, and infrastructure as code;
- Work with bug bounty programs and coordinate responsible disclosure activities;
- Research emerging attack techniques, vulnerabilities, and adversary tactics to improve the organization’s security posture;
- Partner with infrastructure and product teams to translate findings into practical remediation plans;
требования
- 4+ Years of hands-on experience in Offensive Security, Penetration Testing, or Red Team roles;
- Practical experience performing penetration tests against web applications, APIs, cloud environments, or internal infrastructure;
- Strong understanding of common attack techniques, attack chains, and adversary behavior;
- Experience with Kubernetes and container security assessments;
- Knowledge of cloud security concepts and IAM models in AWS and/or GCP;
- Understanding of network security, authentication, and access control mechanisms;
- Experience with Linux systems and security hardening principles;
- Familiarity with CI/CD security and Infrastructure as Code technologies (Terraform, Helm, etc.);
- Scripting and automation skills (Python, Bash, Go, or similar);
- Understanding of common security frameworks and methodologies such as OWASP, MITRE ATT&CK, PTES, or ASVS;
- Native Russian language.
условия
- Regular salary reviews based on performance;
- Promotion system for career growth;
- Flexible hours with the option of taking days off;
- Sick days without salary loss;
- Assistance in difficult life situations.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.