Security Penetration Tester remotely/in Strasbourg

We are looking for several Security Penetration Tester for a client project remotely/in Strasbourg.

Start Date: 01/02/2023

End Date: 31/10/2023; possible extensions

Work Location: 6 months off-site and 3 months onsite/mixed

Task description:

• Provide the following automated, manual or hybrid security testing services following appropriate industry wide, highly recognized methodologies and standards (together with the other departments):
• Penetration testing including application pen testing, infrastructure pen testing, cloud application & environment pen testing, social engineering testing, web application testing, device pen testing (including workstations, servers, laptops and mobile devices·- tablets and smartphones), wireless pen testing;
  • Vulnerability Assessment services for external and internal systems;
• Engage the Client prior to actual test to confirm logistics arrangement, understand test goals and objective client would like to achieve as a result of the test;
• Security source code review or development experience in C/C++, C#, VB NET, ASP, or Java;
• Identify information to be provided by Client based on the nature of test being performed (e.g., White Box, Black Box, Grey Box);
• Identify targets and map attack vectors; identify the exploitable vulnerabilities;
• Establish an incident and escalation management process to handle 1Ssues that may happen during the test;
• Perform clean-up activities after conducting penetration testing;
• Provide the Client with a report for each service completed and provide recommendations to mitigate deficiencies and risks.

Job requirements:

• University degree (master or equivalent) in Computer Science;
• Minimum 10 years of experience in providing IT and Information security services;
• Industry certifications or similar qualifications appropriate to the services provided, such those listed below, will be a plus:
  • GIAC Certified Penetration Tester (GPEN)
  • GIAC Web Application Penetration Tester (GWAPT)
  • Certified Ethical Hacker (CEH)
  • GIAC Systems and Network Auditor (GSNA)
  • Certified Penetration Tester (CPT)
  • Certified Expert Penetration Tester (CEPT)
  • GIAC Certified Web Application Defender (GWEB)
  • ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Ethical Hacker (CEH)
  • Offensive Security Certified Professional (OSCP)
  • CREST Penetration Testing Certifications
• Experience providing consulting services in a highly confidential environment;
• Understanding and demonstrable willingness to learn of offensive and defensive security, including offensive evasion and defensive prevention techniques;
• Experience with penetration testing against a wide variety of applications including web, mobile, and thick client above and beyond running automated tools required;
• Ability to present findings and recommendations to peers, co-workers, and customers;
• Very good English speaking and writing skills
• Capacity in writing documents;
• Good communication skills; Ability to communicate effectively with development team;
• Experience and willingness of working in an international/multicultural environment;

Candidates should be Citizens of the European Union and should be able to get the European Security Clearance