Security/Penetration Tester to work at multinational Institution on

infeurope S.A.
24 Nov 2022
22 Dec 2022
Employer Sector
Technology, IT & Telecoms
Contract Type
Full Time

We are looking for several Security/Penetration Testers (6 months off–site and 3 months on–site/mixed) for a client project in Strasbourg

Task description:

  • Provide the following automated, manual or hybrid security testing services following appropriate industry wide, highly recognized methodologies and standards (together with the other departments):
    • Penetration testing including application pen testing, infrastructure pen testing, cloud application & environment pen testing, social engineering testing, web application testing, device pen testing (including workstations, Servers, laptops and mobile devices – tablets and smartphones), wireless pen testing;
    • Vulnerability Assessment services for external and internal systems;
  • Engage the Client prior to actual test to confirm logistics arrangement, understand test goals and objective client would like to achieve as a result of the test;
  • Security source code review or development experience in C/C , C#, VB NET, ASP, or Java;
  • Identify information to be provided by Client based on the nature of test being perfonmed (eg, White Box, Black Box, Grey Box);
  • Identify targets and map attack vectors; identify the exploitable vulnerabilities;
  • Establish an incident and escalation management process to handle 1Ssues that may happen during the test;
  • Perform clean–up activities after conducting penetration testing;
  • Provide the Client with a report for each service completed and provide recommendations to mitigate deficiencies and risks.

Job requirements:

  • University degree (master or equivalent) in Computer Science;
  • Minimum 10 years of experience in providing IT and Information security services;
  • Industry certifications or similar qualifications appropnate to the services provided, such those listed below, will be a plus:
    • GIAC Certified Penetration Tester (GPEN)
    • GIAC Web Application Penetration Tester (GWAPT)
    • Certified Ethical Hacker (CEH)
    • GIAC Systems and Network Auditor (GSNA)
    • Certified Penetration Tester (CPT)
    • Certified Expert Penetration Tester (CEPT)
    • GIAC Certified Web Application Defender (GWEB)
    • ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
    • Certified Ethical Hacker (CEH)
    • Offensive Security Certified Professional (OSCP)
    • Crest Penetration Testing Certifications
  • Experience providing consulting services in a highly confidential environment;
  • Understanding and demonstrable willingness to learn of offensive and defensive security, including offensive evasion and defensive prevention techniques;
  • Experience with penetration testing against a wide variety of applications including web, mobile, and thick client above and beyond running automated tools required;
  • Ability to present findings and recommendations to peers, co–workers, and customers;
  • Very good English speaking and writing skills
  • Capacity in writing documents;
  • Good communication skills; Ability to communicate effectively with development team;
  • Experience and willingness of working in an international/multicultural environment;

Candidates should be citizens of member states of the European Union and should be able to get the European Security Clearance

infeurope is a Luxembourg–based IT service provider, designing, developing and managing multilingual information and documentary systems in many application areas and business sectors. For more than 38 years we have delivered IT systems and solutions.