Why should you JOIN US

UnderDefense is a Security Consulting and Managed Detection & Response (MDR) SaaS provider. In this unique niche, demand for cybersecurity is growing dramatically, so we are growing too.

Our key achievements for 2019 are covered here, but here are some outstanding things we are proud of:

Ready to join our Rockstar TEAM?

Check opportunities below and send your CV to [email protected]

Technical positions. Location: Anywhere

Attacks Researcher in R&D team

Responsibilities

  • Research the latest CERT and industry reports, threat intel analytics and TTPs. Drive product vision
  • Analyze trends/threats and run new EVIL samples in our awesome LAB
  • Analyze attack patterns, fingerprints, anomalies and new ransomware techniques
  • Research and develop new detection algorithms to detect threats at scale during Lateral Movement in a stream analytics platform
  • Maintain an isolated test/lab environment to run the latest malicious activities and generate artifacts (telemetry, reports, docs, manuals, pcap)
  • Consult the development team on implementing new features and functionality for the product
  • Run and automate attacks and simulations to ensure detections work as expected
  • Analyze and convert detections from SIGMA to the new detection format
  • Cooperate with our Red team to run some of the complex attacks

Experience

  • If you were on a malware analysis team or a Red team for a few years – that is awesome. You are our candidate
  • Experience with MITRE and with how a SOC team works and reacts – will help a lot
  • Hands-on with Cobalt Strike, PowerShell Empire, PowerSploit, Metasploit, AutoSploit, venom, PivotSuite, Responder
  • Have seen DGA and Command and Control (C2) consoles in practice
  • In-depth knowledge of network protocols: WinRM, WMI, HTTP/S, SMB, DNS, ICMP, TCP/UDP
  • Fundamental understanding of security tools such as SIEM, IDS/IPS, Web Proxies, DLP, CASB, DNS security, DDoS protection, and firewalls
  • Knowledge of Microsoft Windows systems including Active Directory, and of Unix systems
  • Knowledge of attack vectors, threat tactics and attacker techniques. Experience applying the MITRE ATT&CK matrix
  • Experience analyzing and inspecting log files, network packets, and any other security tool output from multiple system types
  • Familiar with basic reverse engineering principles and an understanding of malware, rootkits, TCP/UDP packets, network protocols

Nice To Have

  • FlareON badges or OSCP
  • Strong python skill
  • English and good communication skills
  • Demonstrable attention to detail, creative problem-solving, and persistence in your work product
  • Work comfortably in a fast-paced, multi-tasking environment

Tier 3 Security Analyst / Senior Threat Hunter

Position Summary

We have an exciting opportunity to join our team as a Cyber Threat Hunter Engineer.

UnderDefense is looking for a highly motivated individual with a passion for research and uncovering cybersecurity threats and threat actors.

This person will be a key member of the MDR/SOC team, responsible for participating in threat-based investigations, creating and updating detection methodology, and providing expert support for daily monitoring and incident response. The individual is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

Job Responsibilities

  • Research new cyber threats, actors, and technologies that impact the organization and industry.
  • Maintain awareness within the threat intelligence community of vulnerabilities being exploited and provide comprehensive assessments of the impact on our environment.
  • Translate threat intelligence into detection and hunting strategies, hypotheses, and queries.
  • Utilize tools and advanced techniques to hunt and identify threats and actor groups and their motives, techniques, tools, and methods.
  • Identify anomalous behavior on the network or endpoint devices and be able to provide an assessment of malware behavior.

Additional Position Specific Responsibilities

Operations

  • Lead analytic and investigative support for large-scale and complex security incidents.
  • Provide support (including off hours) to analyze and triage potential incidents.
  • Support, administer, and fine-tune in-place security solutions for efficient and appropriate operations.
  • Periodically write and present assessment reports to peers and management.
  • Work with the external SOC as a point of escalation.
  • Define tool requirements to improve SOC capabilities.
  • Experience with public cloud-native APIs (AWS, Microsoft Azure, Google).
  • Investigate and resolve anomalies and events.
  • Assist with maintaining and enhancing the current security infrastructure.
  • Assist with network security evaluations and enhancements.

Development

  • Provide guidance on building and/or improving information security processes and the implementation of tools and technologies used for enterprise security. Use existing tools to provide metrics to support recommendations.
  • Develop and maintain dashboards, reports, and alerts to identify potential threats, vulnerabilities, and technical risks. Integrate new reports and alerts into the incident response process.
  • Conduct research into IT security solutions and products as required.

Minimum Qualifications

  • To qualify you must have 2+ years of experience in cyber incident response or security operations teams.
  • 2+ years with threat intelligence tools, SIEM tools (e.g. Elastic, Security Onion, Splunk), and endpoint security tools (open-source and commercial).
  • Detailed understanding of the TCP/IP networking stack and network technologies.
  • Technical knowledge of mainstream operating systems (for example, Microsoft Windows, Mac OS, and Linux) and a wide range of security technologies, such as network security appliances, vulnerability scanners, anti-malware solutions, advanced threat protection systems, security incident and event monitoring tools, and automated policy compliance and desktop security tools.
  • Familiarity with technologies such as VPN, Active Directory, virtualization platforms, and databases.
  • Strong understanding of industry security best practices and standards.
  • Build out and improve upon processes, procedures, and policies.

The Better mission is rooted in values that drive us

  • We believe that success lies in execution, not credentials
  • We act like owners, not just employees
  • We work to find answers on our own, not wait for them to be given to us
  • We optimize for mission, not ego
  • We do what’s in the best interest of the consumer, not ourselves
  • We have growth mindsets, not fixed ones

Please send your CVs to [email protected]

Penetration Tester (Mid or Senior)

Qualifications:

  • Technical skills: Web/Mobile security, Network Security, Windows domain, UNIX/Linux; basic experience in Reverse Engineering is a plus.
  • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as the OWASP Risk Rating Methodology.

Preferred Experience:

  • eWPT, OSCP or other related security certifications
  • Love to code in Python, .NET, or similar languages

Responsibilities:

Perform penetration tests of applications and networks against a wide array of technologies and platforms

  • Create detailed penetration testing reports which explain identified technical and logical security findings, describe potential business risks, and present prioritized recommendations
  • Understand, review and interpret vulnerability assessments
  • Help design a Secure SDLC in a mixed waterfall/agile environment (OWASP SAMM)
  • Hands-on performance of specialist appsec processes in the SDLC (design review, Java code review, testing, etc.)
  • Help properly set up automation in CI/CD (so HP Fortify / HP WebInspect suck less)
  • Basic performance testing to ensure the system’s availability (optional)
  • Contribute to the ongoing enhancement of the company’s penetration testing assessment capabilities
  • Collaborate and share knowledge internally
  • Ability to think outside the box and simulate adversarial approaches

What we offer:

  • Growth, really fast growth
  • Good salary + really challenging projects
  • Brilliant team
  • Paid vacation and sick leave
  • Paid certifications and courses
  • Internal training and workshops (conferences, workshops, training, etc.)
  • English courses
  • Work-rest balance support (foosball, workout station)

Please send your CVs to [email protected]

Cybersecurity Research Engineer for Emerging Threats team ("Project Zero"-like project)

Our Emerging Threat Detection team is looking for full-time, part-time or project-based involvement from security engineers and researchers (even talented students) who have strong analytical and R&D skills for our “Project Zero”-like project.

On this project we hunt for the latest threats on the public Internet and the Dark web, researching and discovering new CVEs and zero-day vulnerabilities in popular consumer products (recently WD confirmed 5 new zero days in their mycloud.com product which we reported to them), and help protect regular Internet users from malefactors.

Now we are looking for people with good written English and information presentation skills. Our publications are on top of ZDNet, TheHackersNews, Forbes.

During the last 6 months we discovered a ton of botnets, malware, scams and illegal schemes, and leaked data, and made it public to raise consumer awareness, this way making the Internet a safer place.

UnderDefense is now 65 people and we continue to grow 100% year over year.

We have offices in Lviv, Kyiv and Poland (remote is also ok).

Join our Research team and help make a good impact in this world!

Contact [email protected] and let's arrange a call to discuss scenarios to collaborate on a full-time, part-time or project basis.

CISO / Compliance manager (ISO27001, SOC2)

Requirements:

  • 4+ years in IT security and compliance
  • Extensive, practice-based knowledge of security management frameworks, such as the ISO 27k series, GDPR, SOC2, etc.
  • Proven track record of IT security audits/project implementation
  • Ability to develop information security policies, set up an ISMS and guidelines, implement CIS20 and derive security requirements from them
  • Understanding of access modelling. Ability to develop access models and assess them. Understanding of segregation of duties
  • Experience in IAM & SSO solutions. Understanding of the purpose and approaches of IAM. Knowledge of the key tasks: identify, authenticate, and authorize
  • Good knowledge of risk management, its purpose, and approaches. Ability to evaluate risks and create a risk management plan
  • Understanding of the OWASP Top 10. Ability to describe vulnerabilities, ways of exploitation, and fix methods
  • Understanding and implementation of vulnerability and patch management. Knowledge of vulnerability scanners. Ability to validate scan results and provide recommendations
  • Ability to develop and conduct security trainings and workshops
  • Good level of professional English
  • Good communication skills; responsible, proactive, self-organized, eager to learn
  • Experience in Secure SDLC or AWS Security would be a plus

Responsibilities:

  • Conduct security audits and consulting projects; create an action plan and practical roadmap based on the audit results
  • Develop and enhance an information security management framework to ensure business sustainability
  • Build and maintain compliance guidelines. Create policies and standards for IT security and compliance
  • Conduct general IT security awareness training for the company staff
  • Evaluate and manage corporate risks related to IT security
  • Build and maintain application-specific threat models; explicitly apply security principles to design
  • Participate in the corporate certification and compliance activities
  • Design and implement security architecture and detailed cybersecurity designs together with the IT and software development departments
  • Prepare and document standard operating procedures and protocols
  • Cooperate with Account Management, Sales & Marketing, Legal, Delivery and Clients on all security-related topics (audits, contractual compliance, reviews, risk assessments, etc.)
  • Keep up to date with developments in IT security standards and threats

Please send your CVs to [email protected]

Strong Junior Front End Developer (Ember JS)

Our research

We are looking for a full-time developer in love with JavaScript and the network who wishes to join a team of enthusiasts! What will appeal to us are your skills: no specific diploma is required, you will be judged solely on your abilities and your eagerness to learn. We are looking for a curious person with a good technical background, able to collaborate with, and enjoy working in, a team.

Come and participate in the design of the European product that competes with the American giants thanks to teams of talents in many fields.

How does it work? We place our sniffer in our clients’ infrastructure and it sends performance analysis to the backend. Then we provide an HMI and APIs to analyze the data received, process it, and provide real-time analysis of the performance of infrastructures and applications!

Your skills

  • Ability to work independently
  • Good communication skills (at least Upper-Intermediate English level)
  • Experience in working with modern JS frameworks (preferably MVC/MVVM-based, like Ember/Angular/Vue)
  • Knowledge of design patterns and object-oriented programming
  • Knowledge of CSS and responsive design
  • Experience in working with REST APIs
  • Knowledge of NoSQL databases

Would be nice to have too:

  • Knowledge of TypeScript
  • Experience in working with SQL
  • Experience in creating data visualizations (amCharts, ECharts, D3)
  • Knowledge of UX principles

Your job

  • Participate in the development of our real-time network sniffer, collaborate with UI offices, implement state-of-the-art interfaces.
  • Be proactive in terms of interface design.

What we offer

  • Official employment, 18 days vacation, paid sick leave
  • Competitive salary
  • Flexible work schedule
  • Free English lessons
  • Comfortable office
  • Exciting work in a dynamic team
  • Business trips to Canada

Please send your CVs to [email protected]

AWS SecOps (Cloud Security Ops Engineer)

Responsibilities

  • Drive the SecOps & DevOps team to make IT/Ops secure on a global scale
  • Deployment of IDS/IPS (Threat Stack) and other security tools across the infrastructure
  • AWS IAM access management, auditing, notifications/alerts
  • Terraform/Ansible configuration management, Security as Code
  • PKI
  • HashiCorp stack (HSS) (Terraform by HashiCorp)
  • AWS Security Hub/GuardDuty/CloudTrail

Experience

  • Strong knowledge of AWS
  • 3+ years of OS/network hardening experience (Windows and Linux preferably)
  • 3+ years of Linux or Windows administration experience (AD, GPO, WMI, services)
  • Automation mindset with scripting ability using Python or other languages
  • Install, configure, and troubleshoot application stacks (e.g. Apache, nginx, PHP, etc.) and database applications (e.g. MySQL, PostgreSQL, MS-SQL, etc.)
  • Familiarity with one or more virtualization technologies (vSphere or Hyper-V is a big plus)
  • Ability and desire to:
    • Analyze, interpret and implement security hardening and best-practice guidelines from reputable industry sources like the Center for Internet Security (CIS20), DISA and others
    • Deploy and configure server operating systems, application stacks, databases, and other systems, and configure them according to various security hardening guides
    • Leverage scripting languages (e.g. Python) to develop automation supporting the generation of benchmarks and best practices, integrated into our cloud security platform
    • Create automation to enrich the customer’s vulnerability database

Nice To Have

  • Bachelor’s degree in a technical field or equivalent experience
  • Strong understanding of information security technologies – including networking, firewall technologies, VPN, configuration management & server hardening, user management, intrusion detection, log analysis, vulnerability assessment
  • Demonstrable attention to detail, creative problem-solving, and persistence in your work product
  • Work comfortably in a fast-paced, multi-tasking environment

About the Client

#2 among VPN service provider platforms, from Silicon Valley. A huge infrastructure that needs you to take it under control and put the right cloud security controls in place.

We Offer

  • Innovative solutions delivery to the world’s digital changes
  • Experience exchange with colleagues all around the world
  • Opportunities for self-realization
  • Friendly team and enjoyable working environment
  • Engineering, corporate and social events
  • Social package: professional & soft skills training, medical & family care programs, sports
  • Free English classes
  • Flexible working schedule
  • Remote is ok

Please send your CVs to [email protected]

Splunk SIEM engineer

Please send your CVs to [email protected]

Azure Sentinel Engineer / Cloud Security Operations Engineers

Remote work will be considered for a well-qualified candidate.

Position Overview

UnderDefense is looking for a candidate who has experience in Azure and especially the Sentinel SIEM. As a Cloud Security Engineer, you will be expected to consult, develop alerting, and provide best practices for the Azure and Sentinel platform; identify security detection gaps in infrastructure and process and effectively execute projects/initiatives to address them; demonstrate excellent judgment, prioritization and communication of technical security risks; and act as a security liaison while supporting the Security Operations Center.

Job Responsibilities Will Include

  • Use Microsoft Sentinel as appropriate to provide logging and metrics for a variety of Azure-based applications.
  • Create alerts and monitoring for key security and application events.
  • Develop dashboards and reports for monitoring of real-time log data.
  • Advise on prioritization of data collection and data retention to achieve maximum results for security and event monitoring.
  • Deliver results through teamwork while achieving security and incident response goals.

Preferred Qualifications

  • 2+ years of experience as an Azure administrator, architect, or consultant
  • Experience with Sentinel.
  • Experience in interacting with other IT stakeholders: gathering requirements, onboarding, configuration, and optimization of the Splunk suite of tools
  • Preferred experience with Linux systems and using scripting languages (Shell, Python, SQL) to automate tasks and manipulate data
  • Knowledge of enterprise logging, including application, OS, and security technology logging
  • Cybersecurity: 2 years
  • Customer Facing Consulting: 2 years
  • Azure Platform: 3 years
  • Azure Sentinel: 1 year
  • Can advise customers on the Microsoft Cloud Security capabilities across the Azure platform
  • Deep understanding of how to implement best practices for designing and securing Azure
  • Deep experience with Microsoft technologies including Azure Active Directory, MDT, Windows Server, and M365/O365
  • Deep understanding of the configuration of endpoint security features
  • A base understanding of common exploitation tools, tactics, and procedures
  • Familiarity with determined adversaries and how malicious software persists on compromised systems
  • Ability to look at situations from several points of view

Preferred Certifications

  • Microsoft Certified: Azure Security Engineer Associate – AZ-500
  • SANS – GSEC, GCIA, GMON, GCDA, GCED
  • ISC(2) – CISSP, CCSP
  • Other similar professional certifications

Job Description

  • Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines.
  • Responsible for working with architecture to take high-level architectural designs and determine the specifics around implementation details (e.g. sizing), integration details, onboarding, and operationalization.
  • Evaluates patches, updates, and ongoing maintenance. Determines impacts on existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions.
  • Develops detailed implementation, configuration, design, and engineering documentation. Builds and implements solutions.
  • Works with operational partners to enable transition and day-to-day supportability.
  • Provides engineering support to existing technology in a production environment and collaborates with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise.

Please send your CVs to [email protected]

Elastic SIEM engineer

We are a highly successful company with great ambitions. We operate in a very competitive market, so every day we are looking for opportunities to be better. To be faster. Even faster. We never stand aside and are never afraid to try. Having a lot of our own ideas, we are very open to fresh ones.

We invite those who are fired up to:

  • Work with large datasets from different infrastructures;
  • Design and implement monitoring/prevention security controls for the company’s new products, features and third-party integrations;
  • Analyze actual threats and develop mitigation controls;
  • Support and develop the SIEM not only as a system – but as a process.

Requirements:

  • 2+ years of experience in an IT security specialist/analyst, SOC analyst or SIEM specialist position;
  • Experience with SIEM administration and support: Elastic Stack, Splunk;
  • A system administrator or DevOps background: Unix systems, DBs, AWS, k8s, Git;
  • Experience with log collection, parsing, and enrichment with Elastic Beats, Logstash, syslog-ng, rsyslog;
  • Strong experience in log analysis, correlation, and visualization via Elastic Stack tools;
  • Scripting development using a variety of tools like Bash, Python, Ruby, Go;
  • Use of the MITRE ATT&CK and Cyber Kill Chain frameworks.

We care about your:

Health

  • 100% paid sick leave;
  • 23 working days of paid vacation.

Wealth

  • Competitive salary and constant encouragement for your efforts and contribution;
  • Bonuses according to company policy;
  • Welfare (financial support in critical situations);
  • Gifts for significant life events (marriage, childbirth).

Personal and professional growth

  • Individual annual training budget with an opportunity to visit paid conferences, training sessions, workshops, etc.;
  • Free corporate library;
  • Opportunity to visit our non-stop internal meetups (open talks, IT Pump, etc.) as a participant or a speaker and exchange knowledge;
  • A world-class team of T-shaped skilled professionals that share knowledge and support each other.

Leisure time

  • Corporate parties and events (Pub Quiz, Carquest, bowling championships, etc.);
  • PM Foundation activities (social responsibility events);
  • Weekly events aimed at culture, arts, soft skills development.

Please send your CVs to [email protected]

IBM QRadar SIEM engineer

Please send your CVs to [email protected]

Middle Python Engineer

You are

  • 3+ years of enterprise software development experience
  • Upper-Intermediate or higher level of English
  • Hands-on experience with Python
  • Practical experience using Docker and/or Kubernetes
  • Expertise with the following: backend APIs, databases, services integration, cybersecurity, core infrastructure, and tooling
  • In-depth understanding of Git
  • Write clean and well-crafted code
  • Solid understanding of the development lifecycle (design, test, implement, document) and release management using modern collaboration tools
  • Able to learn quickly to understand different business domains
  • BS in computer science or a related field

What will make you stand out

  • Experience with cloud computing platforms like AWS, GCP, or Azure
  • Adept at testing; following TDD/BDD is your advantage
  • Willingness to learn new domains and technologies
  • Team leadership skills and experience

You want to work with

  • Technologies such as Python, REST APIs, web development, Git, Kubernetes, Docker, Conda, Postgres (or comparable databases)
  • Data science, ML, and AI domains
  • A product for enterprise-level users
  • Estimation and scope breakdown
  • Requirements elicitation and release planning
  • Direct communication with the client

Please send your CVs to [email protected]

QA Engineer Cybersecurity

About the project

We are building a cybersecurity solution for our client that enables security engineers to perform network monitoring and to detect, prevent and investigate evolving cyber threats. Our awesome team is responsible for backend development, adapting the user interface to the specific needs of the threat intelligence workflow, impacting product design directions, and most important – constantly improving and refining our state-of-the-art security detections to withstand modern and everlasting cybersecurity threats.

You are

  • 3+ years of experience as a QA Engineer testing web applications (front-end/back-end)
  • Upper-Intermediate+ level of English
  • Great communication skills and ability to build rapport with parties
  • Confident knowledge of software testing methodologies
  • Ability to create test strategy, test plans and test cases from scratch, based on product requirements
  • Basic understanding of how network protocols work
  • Ability to work without supervision
  • Motivation to learn the cybersecurity knowledge domain

Would be a plus

  • Technical background
  • Willingness to develop as an Automation QA engineer

Responsibilities

  • Implement the web application testing process
  • Analyze functional specifications/user stories and other requirements
  • Create test cases/checklists to cover these requirements
  • Work closely with the development team to clarify feature requirements and provide feedback on design solutions
  • Execute and evaluate manual test cases to identify and track defects
  • Communicate test status and needs accurately and effectively both within and across teams

What we offer

  • Becoming a part of a Startup Success Story
  • 18 days vacation, paid sick leave
  • Competitive salary
  • Flexible work schedule
  • Free English lessons
  • Comfortable office
  • Exciting work in a dynamic team
  • Work with a Senior QA Lead on the client side

Please send your CVs to [email protected]

Scala Developer

About the project

We are building a cybersecurity solution for our client that enables security analysts to perform network monitoring, detecting, preventing, and investigating security incidents. Our awesome team is responsible for backend development, adapting the user interface to the specific needs of the threat intelligence workflow, impacting product design directions and most important – constant improvement of our state-of-the-art security detections to withstand modern and everlasting cyber security threats.

Requirements

  • One of the following:
    • Confident knowledge of Scala and/or Go
    • Commercial experience with Java and strong motivation to learn and code in Scala
  • Practical experience with Apache Spark, Kafka
  • Intermediate or higher level of English
  • Proactiveness and willingness to contribute beyond the given tasks, generating new ideas and driving the product development
  • Basic knowledge of network protocols (HTTP/UDP/TCP, etc.)

Would be a plus

  • 2+ years of experience in software development
  • Experience with Elasticsearch, ClickHouse
  • Interest in the cybersecurity domain

Responsibilities

  • Implementing Spark jobs in Scala
  • Implementing/extending the REST API in Go
  • Enhancing the performance of the current solution
  • Working directly with the customer and participating in all parts of the software development life cycle

What we offer

  • Becoming a part of a Startup Success Story
  • 18 days vacation, paid sick leave
  • Competitive salary
  • Flexible work schedule
  • Free English lessons
  • Comfortable office
  • Exciting work in a dynamic team

Please send your CVs to [email protected]

            Non-technical positions

            Communications / Brand Manager

            UnderDefense, a globally top-ranked firm by Gartner and Clutch and a super fast growing company, is looking for a passionate and well-rounded Communications/Brand Manager to strengthen the company’s brand position on both global and local scale.

            This person will collaborate with internal teams of cybersecurity experts and partners and implement communications strategy, support media relations, and manage communications activities to boost UnderDefense brand on the market.

            Key responsibilities:

            • Plan communications activities in alignment with business strategy.
            • Develop brand campaigns that grow company’s awareness and establish a leadership position.
            • Manage media relations to build a strong UnderDefense brand among our targeted audience.
            • Promote corporate success stories across all the channels of communication.
            • Manage and lead communications via all Social Media channels to boost public awareness.
            • Manage participation at industry events, as well as lead main communications activities to promote own webinars.
            • Ensure full corporate storyline and brand alignment across all the channels of communications.

            The ideal candidate will have:

            • English – advanced level.
            • 3+ years’ experience in a digital marketing or communications department, preferably in an IT company.
            • Experience working directly with journalists, influencers, and international media.
            • Strong eye for developing meaningful content that tells a differentiated story.
            • Passion and commitment to work in a fast-paced environment.
            • Able to achieve alignment and collaboration among individuals and groups.
            • Ability to multi-task across numerous projects with exceptional attention to detail.
            • Strong networking, relationship building, and pitching skills.
            • Curious, data driven and results-oriented mindset.

            We offer:

            • 18 business days of paid annual leave.
            • 10 days of paid sick leave.
            • Competitive compensation package (base + bonus for KPI).

            Professional growth:

            • Challenging and non-standard tasks and projects.
            • Individual Development Plan.

            Fun:

            • Team buildings
            • Corporate events and outstanding parties
            • Anniversary presents

            Please send your CVs to [email protected]

            Senior Recruiter

            The most important part of every business is the people and this Senior Recruiter will directly impact the UnderDefense growth by identifying great talent. Our Senior Recruiter will be responsible for all hiring activities (both operational and strategic) for the Ukrainian UnderDefense office.

            Your Responsibilities:

            • Lead the full-cycle hiring process in the Lviv office: from conducting kick-off calls to pre-onboarding communication and ordering background checks
            • Lead a team and coach a junior recruiter
            • Plan strategically: work on the yearly/quarterly hiring plan with the VP of Engineering, the Director of Engineering, and the Director of Talent Acquisition
            • Run a data-driven hiring process: collect and analyze metrics, and propose changes based on recruitment analytics
            • Promote a personalized approach to hiring

            Must-have skills:

            • Upper-intermediate English
            • At least 3 years of experience
            • Expert level skills in sourcing passive candidates
            • A personalized approach in hiring
            • Ability to work without direct supervision
            • Deep knowledge of the IT market and technical literacy
            • Developed analytical skills and strategic thinking
            • Great communication, negotiation, collaborative and interviewing skills

            Nice to have:

            • Experience in collaborating with distributed People Operations and Talent Acquisition teams
            • Success in developing an employer brand
            • Examples of optimizing and changing the hiring process and aligning it with business goals

            Bonuses:

            You’ll be responsible for the Recruitment function in the UA location, so you’ll be able not only to hire people but also to tune our hiring process, approach, way of interviewing, and offering.

            We Offer:

            • Great conditions for education and development within the company
            • Paid vacation and sick-leaves
            • Paid certifications and courses
            • Internal training and workshops
            • English courses
            • Work-rest balance support (Foosball, workout station)
            • Fun celebrations, team outings, and unforgettable corporate events
            • Comfortable office

              Please send your CVs to [email protected]

            Sales Manager / Business Development Manager

            Must:

            • Sales background in IT (2+ years)
            • Advanced English, both written and verbal
            • Proven successful sales track record (B2B)
            • Excellent networking, communication, and negotiation skills
            • Proactive Team player, flexible, self-motivated, result-oriented
            • Consistency and persistence

            Big plus:

            • Participation in international programs like FLEX or Work and Travel USA, or other experience living abroad
            • Experience in Public speaking/presentations, pitching
            • Familiarity with trending sales techniques/tools and best practices

            We Offer

            • Outstanding Sales team
            • Decent base Compensation fixed in USD
            • Sales commissions monthly (5% for 1 year for each closed deal)
            • Opportunity to travel onsite to the US, Canada, EU
            • Attending sales conferences, training, R&D, networking events, etc.
            • Fun celebrations, team outings, and unforgettable corporate events
            • Compensation for sick leaves and regular vacations
            • Marketing team support for your activities
            • Comfortable office or possibility to work remotely

            Responsible for

            • Achieve quarterly and annual quota and pipeline development objectives
            • Dealing with multiple warm leads from US/Western Europe/Middle East
            • Preparing business offers and commercial proposals
            • Holding negotiations with clients
            • Deals closure and successful transition to delivery
            • CRM activity and rules adherence for accurate sales planning, reporting, and forecasting
            • Attending conferences, events, and meetups (once the borders are open)

              Please send your CVs to [email protected]

              Senior Content Writer

              UnderDefense, a globally top-ranked firm by Gartner and Clutch and a super-fast-growing company, is looking for a talented and genuinely curious Senior Content Writer to strengthen its Marketing team: someone who is eager to be part of a team of cybersecurity professionals and to support the company’s ambitious goals.

              Key Responsibilities:

              • Manage content planning process and align it with the business strategy.
              • Handle the ideation and creation of compelling content, including whitepapers, blog posts, social media posts, etc.
              • Produce SEO-optimized content, collaborate with the SEO team to maximize Intellias online visibility.
              • Plan out video and visual content together with a designer.
              • Prepare video scripts for explainer videos and interviews.
              • Generate ideas for new content types.
              • Research industry-based and expertise-based topics in tight cooperation across company departments.
              • Communicate and cooperate with an editor, designer, and a website manager.
              • Ensure all-around content consistency in terms of brand, style, quality, and tone of voice.

              The ideal candidate will have:

              • Advanced level of English – must-have.
              • Experience writing for business – 3+ years.
              • Proven record of excellent writing demonstrated in a professional portfolio.
              • Educational background in Linguistics, Philology, or related field preferred.
              • Understanding of the B2B segment.
              • Proven ability to create engaging, value-based, and clear content.
              • Experience in competitive storytelling.
              • Understanding of SEO strategies and keyword placement practices.
              • Research proficiency and the ability to bring unique, impactful insights to the content.
              • Excellent time management skills, including the ability to multitask, prioritize, and meet deadlines.
              • Exceptional attention to detail.
              • Passion, curiosity, and self-organization.

              We offer:

              • 18 business days of paid annual leave.
              • 10 days of paid sick leave.
              • Competitive compensation package (base + bonus for KPI).

              Professional growth:

              • Challenging and non-standard tasks and projects.
              • Individual Development Plan.

              Fun:

              • Team buildings.
              • Corporate events and outstanding parties.
              • Anniversary presents. 

                Please send your CVs to [email protected]

                Project Manager/Coordinator

                On the one hand, in Lviv you cannot drink a coffee without hearing the next table discuss the finer points of deploying a React app in Docker; on the other hand, when in a time of crisis you need one more responsible project manager, you end up searching three times a year.
                This month we hired three super-people at once: a content writer, a C dev and a frontend dev. But we keep stubbornly growing, so we need even more people with superpowers: for example, a superhuman project manager.
                Requirements:
                – the ability to keep more than 5 projects in your head at once;
                – the ability to promise and deliver, not to zone out;
                – the ability to solve problems, not create new ones;
                – the ability not only to listen to the client, but to hear them;
                – the ability to talk with the client about more than just the project;
                – the ability to see the client’s problems;
                – the ability to recognize employees’ needs;
                PMBOK says that for a PM the industry does not matter, and maybe that is true if you have 20 years of experience in different domains and your team sizes have ranged from 10 to 50 people. But in our case there is one “but”: we need a PM who DIVES IN, tries to UNDERSTAND and wants to FIGURE OUT the technical nuances of the cybersecurity domain. And this is not just a desirable trait but a critically necessary one.
                That is why we are looking for one more young and ambitious PM with at least one year of experience, who wants to grow together with us into a leader who will confidently develop the delivery team at the intersection of project management, account management and spears-seeds-nets sales. Believe us, this is very valuable experience, and there are not many places on the market where these needs and requirements are concentrated in a single position.
                Apply boldly, don’t be shy; perhaps you are exactly the person we need. Preference is given to young project managers or coordinators from the top ten Ukrainian IT outsourcers. Although if you have never worked in IT but strongly believe in yourself, send your CV too. Just keep in mind that you will have to work hard in the evenings and at night for 1-2 years to “catch up” on the lack of technical education. These are the realities of UnderDefense: constant self-education, working across multiple contexts, a high operational tempo and lots of experiments.
                Bonus for those who read this far: [email protected]
                Rays of goodness to those who share.

                Location: Global or Remote

                MacOS Malware Analyst / Reverse Engineer

                UnderDefense is a fast-growing company that safeguards businesses around the globe from cybersecurity threats. We are looking for a Reverse Engineer who will join our Reverse Engineering Team, improving an antivirus engine that has secured 2+ million customers over 9 years.

                You will get a chance to investigate the latest malware samples and design ways of building resilience to cyber threats. Primarily you will work on MacOS malware, but we also offer chances to take part in other projects in the offence & defense areas and to develop skills in the cybersecurity domain. If you have a curious mindset and an interest in malware engineering, we would be glad to have you in our UD team.

                Type of employment contract: Full-time position 

                Starting date of the contract: As soon as possible

                Location: Lviv office (remote is available, but only for very mature candidates). We provide relocation support + 1-month free apartment

                Send CVs to [email protected]

                Qualifications:

                Level of English: Intermediate+

                Preferred Experience: Reverse engineering of malicious samples and the ability to clearly explain their behavior

                Technical skills: 

                • MITRE/TTP/IoA/IoC strong understanding
                • C/C++, Bash, Python, Powershell
                • Cryptography: understanding basic principles, encoding, hashing
                • UNIX Operating System concepts
                • Yara rules experience
                • OS virtualization: VMWare, Virtual machines
                • Assembly language knowledge, at least basic
                • Working with sandboxes and the ability to analyse their results, e.g. Cuckoo Sandbox, Any.Run, Joe Sandbox, etc.
                • Experience working with IDS
                • Mitre Matrix knowledge

                Tools:

                • Network: strong knowledge of Wireshark, tcpdump, etc.
                • Experience working with reverse engineering tools (IDA, Ghidra, Hopper, etc.)
                • Experience with debuggers: gdb, lldb, etc.
                • Experience working with System Monitoring tools: ProcMon, SysMon (Windows), auditd (Linux), Monitor.app, FortiAppMonitor (Mac OS)
                • Experience working with osquery and analyzing output.
                • Experience with tracing tools: dtrace, dtruss etc
                • Working with VirusTotal, VirusShare, VirusBay in order to find new threats

                Will be a plus:

                • DB: experience working with MongoDB and SQL
                • Big data analysis tools like Splunk and ELK
                • Exploit development knowledge
                • Digital Forensics experience

                What we offer:

                • Growth, really fast growth
                • Good salary + really challenging projects
                • Brilliant Team
                • Great conditions for education and development within the company 
                • Paid vacation and sick-leaves
                • Paid certifications and courses
                • Internal training and workshops
                • Work-rest balance support (Foosball, workout station) 
                • English courses

                Please send your CVs to [email protected]

                Senior Penetration Tester / Security Engineer (Poland)

                Qualifications:

                • Technical skills: Web/Mobile security, Network Security, Windows domain, UNIX/Linux; basic experience in Reverse Engineering is a plus.
                • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as the OWASP Risk Rating Methodology.

                Preferred Experience:

                • eWPT, OSCP, or other related security certifications
                • Love to code in Python, .NET, or similar languages

                Responsibilities:

                • Do penetration tests of applications and networks against a wide array of technologies and platforms
                • Create detailed penetration testing reports which explain identified technical and logical security findings, describe potential business risks, and present prioritized recommendations
                • Understand, review, and interpret vulnerability assessments
                • Help design a Secure SDLC in a mixed waterfall/agile environment (OWASP SAMM)
                • Hands-on performance of specialist appsec processes in the SDLC (design review, Java code review, testing, etc.)
                • Help properly set up automation in CI/CD (so HP Fortify / HP WebInspect suck less)
                • Basic performance testing to ensure the system’s availability (optional)
                • Contribute to the ongoing enhancement of the company’s penetration testing assessment capabilities
                • Collaborate and share knowledge internally
                • Ability to think outside the box and simulate adversarial approaches

                What we offer:

                • Growth, really fast growth
                • Good salary + really challenging projects
                • Brilliant Team
                • Paid vacation and sick-leaves
                • Paid certifications and courses
                • Internal training and workshops (conferences, workshops, training, etc.)
                • English courses
                • Work-rest balance support (foosball, workout station)

                Please send your CVs to [email protected]

                Azure Sentinel Engineer / Cloud Security Operations Engineer

                Remote work will be considered for a well-qualified candidate.


                Position Overview

                UnderDefense is looking for a candidate who has experience in Azure and especially in Sentinel SIEM. As a Cloud Security Engineer, you will be expected to consult, develop alerting, and provide best practices for the Azure and Sentinel platforms; identify security detection gaps in infrastructure and process and effectively execute projects/initiatives to address them; demonstrate excellent judgment, prioritization and communication of technical security risks; and act as a security liaison while supporting the Security Operations Center.


                Job Responsibilities Will Include

                • Use Microsoft Sentinel as appropriate to provide logging and metrics for a variety of Azure-based applications.
                • Create alerts and monitoring for key security and application events.
                • Develop dashboards and reports for monitoring of real-time log data.
                • Advise on prioritization of data collection and data retention to achieve maximum results for security and event monitoring.
                • Deliver results through teamwork while achieving security and incident response goals.

                Preferred Qualifications

                • 2+ years of experience as an Azure administrator, architect, or consultant
                • Experience with Sentinel.
                • Experience in interacting with other IT stakeholders gathering requirements, onboarding, configuration, and optimization of the Splunk suite of tools
                • Preferred experience with Linux systems and using scripting languages (Shell, Python, SQL) to automate tasks and manipulate data
                • Knowledge of enterprise logging, including application, OS, and security technology logging
                • Cybersecurity: 2 years
                • Customer Facing Consulting: 2 years
                • Azure Platform: 3 years
                • Azure Sentinel: 1 year
                • Can advise customers on the Microsoft Cloud Security capabilities across the Azure platform
                • Deep understanding of how to implement best practices for designing and securing Azure
                • Deep experience with Microsoft technologies including Azure Active Directory, MDT, Windows Server, and M365/O365
                • Deep understanding of the configuration of End Point security features
                • A base understanding of common exploitation tools, tactics, and procedures
                • Familiarity with determined adversaries and how malicious software persists on compromised systems
                • Ability to look at situations from several points of view

                Preferred Certifications

                • Microsoft Certified: Azure Security Engineer Associate – AZ-500
                • SANS – GSEC, GCIA, GMON, GCDA, GCED
                • ISC(2) – CISSP, CCSP
                • other similar professional certifications

                Job Description

                • Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines.
                • Responsible for working with architecture to take high-level architectural designs and determine the specifics around implementation details (ex: sizing) integration details, onboarding, and operationalization.
                • Evaluates patches, updates, and ongoing maintenance. Determines impacts on existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions.
                • Develops detailed implementation, configuration, design, and engineering documentation. Builds and implements solutions.
                • Works with operational partners to enable transition and day-to-day supportability.
                • Provides engineering support to existing technology in a production environment and collaborates with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise.

                  Please send your CVs to [email protected]

                That’s our TEAM because Together Everyone earns More

                Read our latest NEWS

                How to detect CobaltStrike Command & Control communication
                By Bogdan Vennyk. CobaltStrike has become part of the cybercrime “toolset” in almost every company breach. This growth is explained by the fact that CobaltStrike was leaked multiple times and became more...

                Detecting DGA domains: Machine Learning approach
                By Alexander Ragulin. In this post we are going to take a look at Domain Generation Algorithms (DGA) and an interesting way to detect them with the help of Deep Learning (an LSTM neural net, to be precise). DGA domains are...
