Ethical Hacker/Penetration Tester
- Recruiter
- ASML
- Location
- Netherlands
- Salary
- Competitive
- Posted
- 15 Aug 2022
- Closes
- 21 Aug 2022
- Job Type
- Ethical Hacker
- Employer Sector
- Technology, IT & Telecoms
- Contract Type
- Permanent
- Hours
- Full Time
Location
Veldhoven, Netherlands
Team
IT
Experience
3–7 years
Degree
Bachelor
Job Category
Other technical job categories
Travel
10%
Introduction
As an Ethical Hacker you are responsible for conducting penetration tests upon (parts of) the ASML infrastructure (LAN, WAN, network connected devices, mobile devices, network infrastructure) and used software (web applications, mobile apps) and to assure timely execution of the pentests within the budget. Interest to span adversary emulation, red teaming, hunting and automation is a plus to establish offensive capability within ASML.
Role and responsibilities
You will determine the scope and align upon the approach of the technical assessment with applicable stakeholders.
You will report and align upon the findings, conclusions and propose corrective actions with applicable stakeholders and will coordinate and/or conduct re–assessments after the implementation of the agreed corrective actions.
You will support projects by conducting technical assessments upon project deliverables to assure newly introduced hardware and software will not introduce new vulnerabilities, security weaknesses or non–compliance issues.
You will finetune pentest process description, used templates and support pentest tooling.
The focus of this role will be on the pentest of:
Web applications/web services/mobile applications (Android, iOS)
Servers and their OS s (e.g. Windows, LINUX, VMware)
Network devices (e.g. routers, switches, load balancers)
Office automations devices (e.g. laptops, printers)
SCADA / ICS / OT environment
Cloud environments
Other network connected devices
As an Ethical Hacker, you will need to:
Understand complex computer systems and technical cyber security terms
Coordinate and/or carry out remote testing of a network or onsite testing of the infrastructure to discover weaknesses in the network defense mechanism
Work with stakeholders to determine their requirements from the test, for example the number and type of systems they would like testing
Create penetration testing automation scripts
Advise on the methods to fix or to reduce security risks to the information systems
Consider and discuss the potential impact the pentest on the business and on its users
Create reports and recommendations from your findings
Present your findings, risks and conclusions to both technical and non–technical audiences
Understand and be able to communicate how the flaws that has been identified could affect a business, or business function, if they're not fixed
Be part of Adversary Emulation/Red Team assignments
Education
Bachelor/Master degree or equivalent by experience
Strong knowledge of industry security best practices and frameworks
Experience
More than 3 years experience with planning, preparing and conducting penetration tests
Experience with the documentation and reporting of pentest findings including proposed corrective actions
Experience with security of networks, servers, applications, mobile devices (iOS, Android), and cloud environments
Having a security certificate (e.g. OSCP, OSWE, OSCE, CEH) or any other relevant security certificate is a preference
Personal skills
Analytical, precise, tenacious, autonomous
Problem solving skills, determine the most effective way to solve the detected risks.
Familiar with Global laws and legislation incl. Sarbanes Oxley
Ability to interact with all levels including engineers, executives and senior managers
Ability to overcome organizational resistance
Strong interpersonal, presentation, analytical and statistical sampling skills
Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
Exceptional written and verbal communication skills in Dutch and English are required
Flexibility to travel 5% (depends on location)
Diversity & Inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.
Other information
The best people make ASML what it is today. To attract and retain the best people, we have an extremely comprehensive, competitive employment conditions package: ASML Benefits
ASML creates the conditions that enable you to realize your full potential. We provide state–of–the–art facilities, opportunities to develop your talents, international career opportunities, a stimulating and inspiring environment, and most of all, the commitment of a company that recognizes and rewards outstanding performance. What is working at ASML like? Check this out at
Our selection process includes an online Talent Exploration that gathers information about your key drivers, your personal values, motivators and career ambitions. The Talent Exploration enables both you and us to explore if there is a mutual match – not only for today, but also for your future career at ASML.
Veldhoven, Netherlands
Team
IT
Experience
3–7 years
Degree
Bachelor
Job Category
Other technical job categories
Travel
10%
Introduction
As an Ethical Hacker you are responsible for conducting penetration tests upon (parts of) the ASML infrastructure (LAN, WAN, network connected devices, mobile devices, network infrastructure) and used software (web applications, mobile apps) and to assure timely execution of the pentests within the budget. Interest to span adversary emulation, red teaming, hunting and automation is a plus to establish offensive capability within ASML.
Role and responsibilities
You will determine the scope and align upon the approach of the technical assessment with applicable stakeholders.
You will report and align upon the findings, conclusions and propose corrective actions with applicable stakeholders and will coordinate and/or conduct re–assessments after the implementation of the agreed corrective actions.
You will support projects by conducting technical assessments upon project deliverables to assure newly introduced hardware and software will not introduce new vulnerabilities, security weaknesses or non–compliance issues.
You will finetune pentest process description, used templates and support pentest tooling.
The focus of this role will be on the pentest of:
Web applications/web services/mobile applications (Android, iOS)
Servers and their OS s (e.g. Windows, LINUX, VMware)
Network devices (e.g. routers, switches, load balancers)
Office automations devices (e.g. laptops, printers)
SCADA / ICS / OT environment
Cloud environments
Other network connected devices
As an Ethical Hacker, you will need to:
Understand complex computer systems and technical cyber security terms
Coordinate and/or carry out remote testing of a network or onsite testing of the infrastructure to discover weaknesses in the network defense mechanism
Work with stakeholders to determine their requirements from the test, for example the number and type of systems they would like testing
Create penetration testing automation scripts
Advise on the methods to fix or to reduce security risks to the information systems
Consider and discuss the potential impact the pentest on the business and on its users
Create reports and recommendations from your findings
Present your findings, risks and conclusions to both technical and non–technical audiences
Understand and be able to communicate how the flaws that has been identified could affect a business, or business function, if they're not fixed
Be part of Adversary Emulation/Red Team assignments
Education
Bachelor/Master degree or equivalent by experience
Strong knowledge of industry security best practices and frameworks
Experience
More than 3 years experience with planning, preparing and conducting penetration tests
Experience with the documentation and reporting of pentest findings including proposed corrective actions
Experience with security of networks, servers, applications, mobile devices (iOS, Android), and cloud environments
Having a security certificate (e.g. OSCP, OSWE, OSCE, CEH) or any other relevant security certificate is a preference
Personal skills
Analytical, precise, tenacious, autonomous
Problem solving skills, determine the most effective way to solve the detected risks.
Familiar with Global laws and legislation incl. Sarbanes Oxley
Ability to interact with all levels including engineers, executives and senior managers
Ability to overcome organizational resistance
Strong interpersonal, presentation, analytical and statistical sampling skills
Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
Exceptional written and verbal communication skills in Dutch and English are required
Flexibility to travel 5% (depends on location)
Diversity & Inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.
Other information
The best people make ASML what it is today. To attract and retain the best people, we have an extremely comprehensive, competitive employment conditions package: ASML Benefits
ASML creates the conditions that enable you to realize your full potential. We provide state–of–the–art facilities, opportunities to develop your talents, international career opportunities, a stimulating and inspiring environment, and most of all, the commitment of a company that recognizes and rewards outstanding performance. What is working at ASML like? Check this out at
Our selection process includes an online Talent Exploration that gathers information about your key drivers, your personal values, motivators and career ambitions. The Talent Exploration enables both you and us to explore if there is a mutual match – not only for today, but also for your future career at ASML.