Penetration Tester (offline)

Overview:
As a Penetration Tester you will contribute to our cybersecurity program. You will be involved in exciting projects in our company and our worldwide business network. You should possess a strong background in cybersecurity operations, GRC and the evolving threat landscape, as well as a clear understanding of its relevance to financial services.
In addition to professional and communication skills, social skills are very important for us.

Tasks:
• Operation of vulnerability scanner tools, including network scanners and vulnerability scanners.
• Manual verification of vulnerability scanner results (OS, Middleware and Web Application Issues), false positive analysis and exploitation.
• Penetration test documentation and report generation.
• Plan, lead and support stakeholders in remediation of vulnerabilities.
• Act as an escalation point of contact for team members, vendors and stakeholders.
• Be able to review the scope for penetration testing and risk ratings for vulnerabilities.
• Be able to deliver projects under a rigid schedule.
• Provide technical advice to Senior Management on security topics.
• Maintain quality service by establishing and enforcing organization standards.

Skills:
• Bachelor’s degree in Computer Science, Engineering, Information Security or equivalent.
• 3+ years of IT Security experience, penetration testing or vulnerability assessment.
• A strong understanding of security concepts, vulnerability management and exploitation methods, especially in the infrastructure and OS space such as Windows, UNIX and Mobile OS platforms (Android/iOS).
• A good understanding of web technologies and web security hardening techniques, including IIS, Tomcat, Weblogic and Apache.
• Some experience in penetration testing is required, ideally several years, in the following areas:
- Network Infrastructures
- Web Applications and Web Services
- Rich Clients
- iOS and Android mobile applications
• Practical knowledge with a strong approach in documentation and presentation.
• Very good analytical skills, with the ability to break down complex problems into actionable steps.
• The ability to communicate IT security issues to other business areas in technical and non-technical language.
• Software Development and design of Web-Applications (Basics).
• Basics in some programming languages and principles (PHP, Python, Perl, Java, JavaScript, SQL, TCP/IP, ISO/OSI layered system structure).
• Tools used: NMAP, Nessus / OpenVAS / Qualys, Burp, shell scripting, automation in reporting, exploitation etc.
• Good language and communication skills in English are required; German language skills are a plus. Written fluency in English is important as all project-related communication will be in English.
• Strong team player and good social skills.
• Self-organizing and committed to your tasks.

Will be a significant plus:
• Some of the following certifications: OSCP, OSCE, OSWE, CISSP, CISM, CEH or SANS Certification (GWAPT).
• Knowledge of the ITIL framework would be an advantage.
• Previous experience in project management preferred, especially support and tracking remediation.

The company offers (if relocation):
- Medical and social insurance for all family members
- German language courses
- Visiting conferences and seminars (up to 3 times a year) throughout the European Union
- Obtaining professional certification on an annual basis
- Assistance with registration at all authorities, scheduling of all appointments and support in filling out all official visa documents, with all consular fees covered
- Covering relocation expenses and providing corporate accommodation for the first three months

About Freelancer Yulia Osa

German company that provides premium-quality services in the Cybersecurity field.
Combining the best world practices and innovations in cybersecurity with traditional German values, such as reliability, accuracy, honesty, diligence, responsibility and perfection in performance, we provide our clients with a whole package of modern cybersecurity services, including penetration testing, information security auditing, data protection, GRC (governance, risk management, compliance), staff education and digital forensics.
Our clients are mostly banks, trading houses, brokerages, automotive and insurance companies. Those businesses are the number-one targets for cybercriminals around the world, so their cybersecurity requires the highest standards. Also, being a socially responsible company, we help to secure various social institutions for free or for a minimal fee.

We are looking forward to collaborating with the IT guys remotely.

So, don’t hesitate to apply and become part of a team of highly qualified professionals who make the digital world safer and more secure!

Company website:
https://diesec.com/en/

The job ad is no longer active
Job unpublished on 3 March 2022
