One of our clients, a world-leading supplier of Identification and Border Management Software Systems is looking for experienced Cybersecurity Engineer (Penetration Tester)
Your role will be to:
- Understand the technical security gaps within our global systems, articulate possible solutions and support teams to get issues resolved.
- Research tooling and strategies for AppSec program to address risk assessments in an automated fashion at scale. Build relationships with stakeholders across groups to understand assessment needs, advise on how it should be handled and the associated notification process.
- Client’s systems are deployed in 80+ countries and are key components of national security critical infrastructure. You will advise on security improvements and methodologies to ensure our customers and their customers stay safe.
Responsibilities: Duties, and Tasks:
- Conducting Penetration Testing:
- Plan, execute, and analyze penetration tests on web applications, networks, and systems to identify vulnerabilities and weaknesses.
- Perform both manual and automated testing methodologies to simulate real-world cyber-attacks.
- Vulnerability Assessment:
- Conduct comprehensive vulnerability assessments and analyze results to prioritize and address high-risk areas.
- Stay abreast of emerging threats, vulnerabilities, and security technologies to continually improve testing methodologies.
- Reporting and Documentation:
- Prepare detailed and clear reports outlining identified vulnerabilities, potential exploits, and recommended remediation strategies.
- Provide documentation on testing methodologies, tools used, and recommendations for risk mitigation.
- Collaboration:
- Work closely with cross-functional teams, including developers, system administrators, and IT support, to ensure effective communication and remediation of identified vulnerabilities.
- Collaborate with stakeholders to understand business processes and provide security guidance.
- Continuous Improvement:
- Participate in the development and enhancement of security policies, procedures, and best practices.
- Actively contribute to the improvement of the overall security program through feedback and proactive initiatives.
- Research and deploy automated tooling to address Security Assessments at scale
Required technical skills:
Professional Experience:
- 5 years of proven experience in penetration testing and vulnerability assessments.
- Additional 5 years experience in IT operations
- Knowledge of industry-standard frameworks such as OWASP, NIST, and common security standards.
Technical Skills:
- Proficiency in using penetration testing tools and frameworks
- Strong understanding of network protocols, operating systems, and web technologies.
- Expertise with Linux and/or Tomcat administration
- Experience with one or more cloud platforms such as Azure, AWS is desirabl
Certifications:
Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or other related certifications are highly desirable.
Communication Skills:
- Excellent English communication skills.
- Ability to convey complex technical information to non-technical stakeholders.
Analytical Thinking:
- Strong analytical and problem-solving skills with attention to detail.
- Good knowledge of external cyber threats and counter measures
Education:
Bachelor’s degree or master’s degree in Computer Science or Engineering, or related field is desirable
The offer:
- Large and complex projects
- Open and friendly work environment
- Health care membership
- Motivating and competitive salary package
- 13rd salary
- Training and certifications