Analityk Security & Compliance

We provide complete software development teams, who will take complex care of your software. We are experienced in building teams uniquely suited to the specific needs of our clients. One team - a range of skills, diverse personalities, and various approaches.

• Experience in vulnerability management or IT security analysis
• Higher technical education (Computer Science, Telecommunications, Automation, or STEM)
• Practical experience with vulnerability scanning and compliance assessment (e.g., Tenable, Qualys, Rapid7)
• Knowledge of vulnerability management lifecycle
• Familiarity with security standards (ISO 27001, NIST)
• Understanding of infrastructure components (servers, routers, SCADA, PLC, IoT)
• Ability to analyze scan results and identify false positives
• Scripting skills in Python, Bash, or PowerShell
• Strong analytical skills and technical communication
• English language proficiency at minimum B2 level

Nice to have:

• Knowledge of Windows Server
• Knowledge of Linux
• Python programming
• Bash scripting
• PowerShell scripting
• SCADA systems

• Analyze results of vulnerability and compliance scans for IT infrastructure (servers, workstations, applications) and OT/IoT environments
• Identify vulnerabilities, perform triage, and assess risk considering production and transport industry specifics
• Verify configuration non-compliance against accepted security standards
• Prepare recommendations for IT teams, automation specialists, and R&D engineers
• Plan and execute cyclical scans of IT and OT infrastructure (discovery, port scanning, topology mapping)
• Monitor data quality and scanner accuracy, analyze false positives
• Develop hardening policies and adapt standards (CIS, NIST, ISO 27001, IEC 62443, CLC/TS 50701)