💥For our client, we are looking for a Senior Penetration Tester
💻 Key Responsibilities:
- Prepare and execute technical security assessments.
- Interface with architects and CSOs to shape the assessment scope.
- Supervise junior team members.
- Write comprehensive assessment reports and provide recommendations.
- Identify weaknesses in systems, applications, and processes.
- Conduct penetration tests on:
- Web applications
- Mobile applications
- IoT devices
- Infrastructure (networks)
- Prepare technical and process documentation.
- Run ad hoc scans using custom-built tools for emerging critical vulnerabilities.
- Perform code or configuration reviews.
- Create customer-specific measures to eliminate identified weak points.
- Present and discuss vulnerabilities with customers.
- Lead and mentor less experienced team members.
- Support BIDs and RFPs.
📣 Requirements:
- English proficiency: C1 - EF13.
- German and/or French is a plus.
💡 Certifications:
- Offensive Security Wireless Professional
- Offensive Security Certified Professional
- Offensive Security Certified Web Professional
- eCPTX
- eCPPT
- Offensive Security: 300 - Advanced Curriculum
- Principal Penetration Tester
- Senior/Principal Security Consultant
- OSCP or other offensive certifications
✔ Skills and Experience:
- 5+ years of experience in red team operations or as a pentester.
- Necessary technical and communication skills as per the responsibilities listed.
- Ability to modify and script around existing tools.
- Experience with programming languages such as Python, PHP, C/C++, C#, Java.
- Exploit development.
- Eligible for security clearance.
- Awareness of web application security.
- Knowledge of typical vulnerabilities in web applications (e.g., OWASP top 10).
- Familiarity with pentesting tools (e.g., Sqlmap, Burp, ZAP, Nessus, Acunetix, Wireshark) and testing methodologies (e.g., OWASP WSGT, MSTG).
- Participation in contests (e.g., Try Hack Me, Hack The Box) is advantageous.
- Independent problem-solving skills.
- Knowledge of secure software development, especially web applications or Rich Clients.
- At least two dedicated security certifications (e.g., CEH, OSCP, eWPTX, OSWE).
Join us in making a tangible impact on cybersecurity and be a part of a dynamic and forward-thinking team! 🚀