PandaDoc is a fast paced San Francisco based startup with a great product and huge impact. And to make our product even better we are looking for a Security QA Engineer, who is passionate about breaking the software and finding security vulnerabilities, analyze security report, propose improvements into existing process, automate and integrate activities, ready to learn new and deep experience.
What you are going to do:
- Perform penetration testing, find and investigate vulnerability issues of PandaDoc services;
- Adjust and run automated security tools and scanners, analyze results, participate in fixing vulnerabilities as consultant;
- Prepare test environments and data for penetration testing;
- Integrate security testing and security verification approaches into SDLC (SAST, DAST).
What we need:
- 2+ years experience as Security Test Engineer;
- Good knowledge and experience in applying principles of OWASP Testing Guide;
- Good knowledge and experience in searching vulnerabilities OWASP Top 10;
- Experience with tools for penetration testing like Burp, MSF, SQLMap, Maltego, network and vulnerability scanners and other instruments;
- Knowledge of Continuous Integration & Delivery methodologies, agile development, bug tracking, git;
- Experience with scripting and automation;
- A candidate eager to learn, improve and share knowledge;
- Knowledge in network technologies and computer network and participation in CTF, Bug Bounty programs will be a Plus.
- Impactful work in a cool fast-paced Silicon Valley based startup;
- New kickass office in the center of Minsk (Kirov street);
- Catered lunches 3 times a week;
- Medical insurance for you and your family;
- Yearly education budget and unlimited books;
- 21 vacation days + 5 personal leave/sick days per year;