Location: Global or Remote

MacOS Malware Analyst / Reverse Engineer (priority)

UnderDefense is a fast-growing company that safeguards businesses around the globe from cybersecurity threats. We are looking for a Reverse Engineer who will join our Reverse Engineering Team improving an antivirus engines that secures 2+ million customers over 9 years.

You will get a chance to investigate the latest malware samples and design ways of resilience to cyber threats. Primarily you will work in MacOS malware direction, but we also give chances to take part in other projects in offence & defense areas and develop skills in the cybersecurity domain. If you are with a curious mindset and have interest to malware engineering, we are willing to have you in our UD team.

Type of employment contract: Full-time position 

Starting date of the contract: As soon as possible

Location: Lviv office (remote – is available but for very mature candidates). We provide relocation support + 1 month free apartment

Send CVs to: [email protected]

Qualifications:

Level of English: Intermediate+

Preferred Experience: Perform reverse of malicious samples and ability to clearly explain their behavior

Technical skills: 

  • MITRE/TTP/IoA/IoC strong understanding
  • C/C++,Bash, Python, Powershell
  • Cryptography: understanding basic principles, encoding, hashing
  • UNIX Operating System concepts

  • Yara rules experience

  • OS virtualization: VMWare, Virtual machines.

  • Assembly language knowledge, at least basic

  • Working with Sandbox and ability to analyse their results: e.g: Cuckoo Sandbox, Any.Run, Joe Sandbox etc

  • Experience working with IDS

  • Mitre Matrix knowledge

Tools:

  • Network: strong knowledge of WireShark, tcpdump etc
  • Experience working with reverse engineering tools (IDA, Ghidra, Hopper etc.)
  • Experience with debuggers:gdb, lldb etc
  • Experience working with System Monitoring tools: ProcMon, SysMon (Windows), auditd (Linux), Monitor.app, FortiAppMonitor (Mac OS)
  • Experience working with osquery and analyzing output.
  • Experience with tracing tools: dtrace, dtruss etc
  • Working with VirusTotal, VirusShare, VirusBay in order to find new threats

Will be a plus:

  • DB: experience working with Mongo DB and SQL will be a plus

  • Working with Big data analysis tools like Splunk and ELK will be preferable

  • Exploit development knowledge

  • Digital Forensics experience will be a plus

What we offer:

  • Growth, really fast growth
  • Good salary + really challengeable projects
  • Brilliant Team
  • Great conditions for education and development within the company 
  • Paid vacation and sick-leaves
  • Paid certifications and courses
  • Internal trainings and workshops
  • Work-rest balance support (Foosball, workout station) 
  • English courses

Please send your CVs to [email protected]

Security Researcher / Senior Security Engineer / Penetration Tester

Qualifications:

  • Technical hands-on skills: Web/Mobile security, Network security, Windows domain, UNIX/Linux, and strong experience in  Reverse Engineering
    • Knowledge of system and/or web application vulnerabilities and MITRE
    • Infrastructure Pentesting and RedTeaming experience
    • Basic Hardware hacking skills and strong curiosity in this direction

    Preferred Experience:

  • Love to code on Python, PowerShell, .NET/C#, or similar languages
  • eWPT or OSCP/OSCE or other related security certifications
  • English upper-intermediate

Responsibilities:

Do penetration tests of applications and networks against a wide array of technologies and platforms

  • Project Zero-style research of trending hardware/software, popular web and mobile apps, network and IoT devices, attack techniques, etc. 
  • Developing PoCs of security tools/products that don’t exist, but should
  • Penetration testing (Cloud,Infrastructure, apps, mobile, physical (US/EU), Red Team excercises)
  • Collaborate and share knowledge internally, Develop junior engineers
  • Understand, review, interpret vulnerabilities, communicate it to the customers
  • Contribute to the ongoing enhancement of the company’s penetration testing assessment capabilities
  • Ability to think outside the box and simulate adversarial approaches
  • Present results and findings to customer and team
    What we offer:

  • Interesting projects (!)
  • Good salary + really challengeable projects
  • Brilliant Team
  • Paid vacation and sick-leaves (total 24 days)
  • Paid certifications and courses
  • Internal trainings and workshop (conferences, workshops, trainings, etc.)
  • English courses  (must have)
  • Work-rest balance support 

Please send your CVs to [email protected]

Location: Lviv, Ukraine

Senior Project Manager

We are looking for a PM who will manage our bright engineering teams.

The ideal candidate doesn’t hesitate to manage people and projects. This person should evangelize an Aсtive Management approach and should have a passion for learning new domains with strong commitment to project execution. We are looking for a Personality with strong communication skills, who has some previous experience managing people, who is attentive to details and is able to work cross-functionally converting talented engineers into a high-performance team. The new Manager will join our great Delivery Leadership team.

As a member of this team, you will be communicating with clients, managing people & projects, proactively identifying and mitigating issues, assigning tasks and controlling the execution.

Qualifications:

  • A passion for challenges and courage to manage people

  • Being self-motivated, able to multitask, reliable to deliver on time, a quick-thinker, able to work in a fast-paced work environment

  • Experience managing 15+ people

  • Exceptional organization, leadership and stakeholder management skills

  • Ability to learn new domains (we work in Cyber Security)

  • Excellent written and verbal communication skills

  • Know and practice active listening techniques

  • Proficient verbal and written English

  • Ability to handle a number of simultaneous tasks while demonstrating urgency and ownership to drive tasks and issues to completion

  • Ability to apply the main principles of Software Development Methodologies

  • Practical experience in implementing scope, quality and time management principles

  • Some knowledge of cyber security domain

    Responsibilities

  • Participate in new business development
  • Manage engagement and process improvements
  • Coordinate preparation of customer proposals and statements of work
  • Deliver customer projects successfully
  • Manage customer expectations and relationship
  • Ensure that projects are delivered in line with UD process and methodologies
  • Address customer issues during an engagement in cooperation with the Account Manager
  • Make sure that the customer executes their responsibilities on the engagements
  • Identify and manage engagement risks and flag major issues early
  • Participate in overall project management, time estimation, and resource scheduling
  • Prepare engagement revenue and resource forecasts
  • Prepare estimations on time frames, quality and quantity of resources required to successfully implement projects; develop the project plan incorporating all project variables
  • Establish criteria concerning deliverability, performance, maintenance, design and costs
  • Assist in analyzing client processes through needs analysis and recommending new business models, workflows, or innovative solutions
  • Suggest innovative solutions to business problems/processes that leverage technology 

What we offer:

  • Base salary (Competitive compensation depending on experience and skills) + more as bonus for meeting our KPI 
  • Opportunities for self-realization
  • Friendly team and enjoyable working environment
  • Flexible working schedule
  • Corporate and social events
  • Experience exchange with colleagues all around the world
  • Free English classes with certified English teachers
  • Paid vacation and sick-leaves
  • Startup Success story

Please send your CVs to [email protected]


Penetration Tester / Security Engineer

Qualifications:

  • Technical skills: Web/Mobile security, Network security, Windows domain, UNIX/Linux, and basic experiense in  Reverse Engineering is a plus.
    • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as OWASP Risk Rating Methodology.

    Preferred Experience:

    • eWPT or OSCP or other related security certifications
    • Love to code on Python, .NET, or similar languages

Responsibilities:

Do penetration tests of applications and networks against a wide array of technologies and platforms

  • Create detailed penetration testing reports which explain identified technical and logical security findings, describe potential business risks, and present prioritized recommendations
  • Understand, review, interpret vulnerability assessment
  • help design Secure SDLC in a mixed waterfall/agile environment (OWASP SAMM)
  • hands-on perform specialist appsec processes in SDLC (design review, Java code review, testing, etc)
  • help properly set up automation in CI/CD (so HP Fortify / HP WebInspect suck less)
  • basic performance testing to ensure system’s Availability (optional)
  • Contribute to the ongoing enhancement of the company’s penetration testing assessment capabilities
  • Collaborate and share knowledge internally
  • Ability to think outside the box and simulate adversarial approaches

What we offer:

  • Growth, really fast growth
  • Good salary + really challengeable projects
  • Brilliant Team
  • Paid vacation and sick-leaves
  • Paid certifications and courses
  • Internal trainings and workshop (conferences, workshops, trainings, etc.)
  • English courses  
  • Work-rest balance support ( foosball, workout station) 

Please send your CVs to [email protected]

IT Security Ops Engineer

REQUIREMENTS

  • 3+ years of OS/Network hardening experience (Windows and Linux preferably)
  • 3+ years of Linux or Windows administration experience (AD, GPO, WMI, services)
  • Automation mindset with scripting ability using Python or other languages
  • Install, configure, and troubleshoot application stacks (e.g. Apache, nginx, PHP, etc.) and database applications (e.g. MySQL, PostgreSQL, MS-SQL, etc.)
  • Familiarity with one or more virtualization technologies (VSphere or HyperV is a big plus)
  • Ability and desire to:
    • Analyze, interpret and implement security hardening and best practice guidelines from reputable industry sources like Center for Internet Security (CIS20), DISA and others
    • Experience deploying and configuring server operating systems, application stacks, databases and other systems. Configure them according to various security hardening guides
    • Leverage scripting languages (e.g Python) to develop automation for supporting generation of benchmark and best practices, integrated into our cloud security platform
    • Create automation to enrich customer’s vulnerability database

NICE TO HAVE

  • Bachelor’s degree in technical field or equivalent experience
  • Strong understanding of information security technologies – including networking, firewall technologies, VPN, configuration management & server hardening, user management, intrusion detection, log analysis, vulnerability assessment
  • Familiarity with OVAL (Open Vulnerability Assessment Language)
  • Demonstrable attention to detail, creative problem-solving and persistence in your work product
  • Work comfortably at a fast-paced, multi-tasking environment

WE OFFER

  • Innovative solutions delivery to the world’s digital changes
  • Experience exchange with colleagues all around the world
  • Opportunities for self-realization
  • Friendly team and enjoyable working environment
  • Engineering, corporate and social events
  • Social package: professional & soft skills trainings, medical & family care programs, sports
  • Free English classes
  • Flexible working schedule

    AWS SecOps Engineer / Cloud Security Operations Engineers

    RESPONSIBILITIES

    • Reviewing new technologies and products for security implications
    • Helping the engineering productivity team and others in solving cyber security problems in a ways that not only comply with required standards, but also contribute materially to the security of Target systems
    • Managing day-to-day operations of the WAF/AWS Security Hub/GuardDuty products and fine tune exceptions lists
    • Advising, influencing and educating the rest of the company on matters of compliance and security
    • Implementing AWS cloud security groups and policies for applications deployments
    • Assisting security liaison on the proof of concepts for security and performance solutions
    • Providing expert advice during security incidents, and communicating technical ideas to technical and non-technical audiences clearly in speech and prose
    • Collaborating with Engineering and Operations in the design of new compliance controls for new or existing products and technologies
    • Automating routine parts of the security operations role

    REQUIREMENTS

    • Applicants must meet one of the following education and experience requirements:
      • 1+ years of relevant experience and a Bachelor’s Degree in in computer science, operations research, or a related field
      • 1+ years of experience designing secure complex distributed systems
    • Security certifications are a plus
    • Programming experience (python)
    • Application performance and low latency applications
    • Strong work ethic and a positive attitude
    • Excellent technical aptitude and a desire to learn constantly
    • Clear written and verbal communication and active listening skills
    • Responsible, self-disciplined, and motivated
    • Experience with industry compliance and security standards including one or more of the following: SOC2, ISO 27001, NIST/DoD frameworks
    • Comfortable working with arbitrary and sometimes contradictory requirements

    WE OFFER

    • Innovative solutions delivery to the world’s digital changes
    • Experience exchange with colleagues all around the world
    • Opportunities for self-realization
    • Friendly team and enjoyable working environment
    • Engineering, corporate and social events
    • Free English classes
    • Flexible working schedule

      HR Business Partner

      YOU ARE

      • Demonstrating at least 3 years of HR experience in IT
      • Skilled at negotiation, influence and conflict resolution skills
      • Experienced with problem-solving
      • Demonstrating excellent communication and meeting facilitation skills
      • A graduate of Psychology/Sociology/Management (Master degree or higher)
      • Aware of IT industry standards and trends how IT companies function
      • Having a general concept of human psychology
      • Strong in cross-cultural and financial awareness

      YOU WANT TO WORK WITH 

      • Coaching leads on communicating feedback
      • Analyzing HR data (ESAT, turnover, people costs, etc.) in Business Units/Departments to identify risks and opportunities for improvement
      • Global trends and benchmarks in partnership with the HR group to develop solutions, programs, and policies
      • Identifying and building key talent segments and provide input to the workforce plan/staffing model
      • Providing input on business unit restructures and succession planning
      • Supporting CSLs with client-facing questions related to corporate HR services and policies
      • Smooth introduction and implementation of new people management-related solutions, programs and policies within the business unit
      • Presentations conduction about corporate Talent Management framework for clients (on demand)

      TOGETHER WE WILL 

      • Select and onboard the key talents for the respective business units
      • Consult business leaders on creating efficient people management environment within business units
      • Provide consultation on organizing and conducting various feedback sessions (pit stops, 360 feedback, etc.) with business leaders to develop and communicate business goals, personal objectives and development plans of their leadership team
      • Participate in business unit leadership team meetings (facilitate on-demand) and provide input on people management-related practices
      • Assist in resolving complex or sensitive people management-related issues (critical talent and senior+ level positions). Conducts effective, thorough and objective investigations
      • Identify training needs for business units’ leaders and individual executive coaching needs and monitor training programs success
      • Build strong partnership with other Delivery partners (Finance, GTA, GDE, Administration, etc.)
      • Interpret company HR vision, mission, and strategy to Business Units/Departments leadership
      • Guide leaders through corporate Human Resources services
      • Recommend methods for integration of HR services and initiatives within Business Units/Departments
      • Meet with business leaders to discuss salary guidelines and forecasts for critical accounts or talents
      • Form job-offer deals for new hires, promotions and transfers

      Senior Marketing Manager

      UnderDefense is determined to keep on growing. So, Marketing is looking for a passionate, driven Digital Marketing Manager with hands-on experience in running ads, analytics, campaigns, SEO. If you are a self-starter always looking for new challenges and you have a get-things-done approach to work, we are looking for you.

      Main Responsibilities:

      • Develop and execute marketing campaigns tailored to multiple segments of customers
      • Partner across teams to deliver work on-time and on-budget
      • Collaborate with internal and external teams to execute from concept to development
      • Develop and execute test plans to refine messaging and drive lift
      • Apply best practices to determine opportunities to improve the customer experience

      The ideal candidate will have:

      • Hands-on experience in launching and managing CPC campaigns is a must
      • Experience with media including display remarketing
      • Ability to work both independently and to collaborate in a team
      • Strong quantitative, analytical, and problem-solving skills
      • Interest in and proven ability to quickly learn new and apply it to business needs
      • Demonstrated ability to prioritize multiple projects with great attention to detail
      • Demonstrated ability to work independently and autonomously
      • Pushes for the best customer experience and business results
      • Highly collaborative with an affinity for building relationships across teams

      We offer:

      • 18 business days of payable annual free-time
      • 10 days of paid sick leave
      • Competitive compensation package (base + bonus for KPI)

      Professional growth:

      • Challenging and non-standard tasks and projects
      • Individual Development Plan   

      Fun:

      • Team buildings
      • Corporate events and outstanding parties
      • Anniversary presents

      Middle Python Engineer

      YOU ARE

        • 3+ years of enterprise software development experience
        • Upper-Intermediate and higher level of English
        • Hands-on experience with Python
        • Practical experience using Docker and/or Kubernetes
        • Expertise with the following: backend APIs, databases, services integration, cybersecurity, core infrastructure and tooling
        • In-depth understanding of GIT
        • Write clean and well-crafted code
        • Solid understanding of development lifecycle (design, test, implement, document) and release management using modern collaboration tools
        • Able to learn quickly to understand different business domains
        • BS in computer science or a related field

        What will make you stand out

        • Experience with cloud computing platforms like AWS, GCP or Azure
        • Adept of testing, following of TDD/BDD is your advantage
        • Willingness to learn new domains and technologies
        • Team leadership skills and experience

        YOU WANT TO WORK WITH

        • Such technologies as Python, REST APIs, web development, GIT, Kubernetes, Docker, Conda, Postgres (or comparable databases)
        • Data science, ML and AI domains
        • Product for the enterprise-level users
        • Estimation and scope breakdown
        • Requirements elicitation and releases planning
        • Direct communication with the client

        Thats our TEAM, because Together Everyone eArn More

        Pin It on Pinterest