IT Security Penetration Tester / Pentester OSCP, GPEN (mfd): ASAP, remote, nearshore

Baden-Württemberg  ‐ Remote

Schlagworte

Penetration Testing Forschung Informationssicherheit Bash Shell Burp Suite Compliance Informationssysteme Computerprogrammierung Datenbanken Linux Python Nearshoring Nmap Windows Powershell Transport Layer Security Metasploit Nessus Betriebssysteme Analyse der Schwachstellen

Beschreibung

For an exciting long-term customer of our cooperative we are looking for a freelance Senior penetration Tester (mfd).

Parameters:
- Start: June 2025
- Duration: Sept. 2025 plus potential extension
- Workload: ideally full-time, but 80-90%+ also possible
- Location: remote
- Languages: professional English project fluency
- Nationalities: EU / nearshore, ideally from Hungary, Romania, Slowenia, Czechia, Croatia or Poland

Job Purpose:
As a Senior Penetration Tester, your primary role is to assess and enhance the security of our information systems, networks, and applications through comprehensive penetration testing and vulnerability assessments. You will work closely with our internal product teams to identify weaknesses in their systems and provide actionable recommendations for improvement. Your expertise will help safeguard sensitive data and protect our customers from potential cyber threats. Additionally, you will be responsible for coordinating penetration tests with third-party vendors when required.

Duties and Responsibilities:
• Conduct penetration tests on a wide range of digital products, including networks, web, and mobile applications, to identify vulnerabilities and security weaknesses.
• Collaborate with internal product teams to understand their set-ups, goals, and constraints. o Effectively communicate findings and solutions to technical and non-technical stakeholders. o Prepare detailed and clear reports documenting findings, reproduce steps, and recommended remediation steps, ensuring the internal product teams understand the security implications.
• Work with cross-functional teams, including security engineers and developers to help them to implement security measures and resolve identified vulnerabilities.
• When your schedule is constrained, coordinate, and manage penetration tests with third- party vendors, ensuring high-quality and timely delivery.
• Contribute to the development and improvement of our testing methodologies, processes, and tools.
• Stay up to date with the latest threats, vulnerabilities, and exploits and develop new testing techniques as necessary.

Authorities:
• Authorized to conduct penetration tests and security tests on selected digital products.
• Authorized to make recommendations for remediation actions based on test results.
• Authorized to engage with internal product teams to discuss findings and recommendations.
• Authorized to coordinate and manage penetration tests with third-party vendors if needed.

Qualifications:
• Proven experience in penetration testing, vulnerability assessment, and security testing with a minimum of 8 years in a similar role.
• Proven track record of conducting successful penetration tests for a variety of organizations and industries.
• Industry-recognized certifications such as Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN) certifications, or similar qualifications are highly desirable.
• Demonstrated experience in vulnerability research (e.g., CVEs) is a plus.
• Experience in designing, developing, and executing customized penetration testing methodologies.
• Familiarity with various tools and frameworks used in penetration testing, such as Metasploit, Burp Suite, Nessus, Nmap etc.
• Strong knowledge of operating systems (Windows, Linux, and mobile platforms), databases, and web technologies.
• A deep understanding of common security protocols and technologies, including firewalls, intrusion detection/prevention systems, SSL/TLS.
• Programming skills and experience with languages such as Bash, Python, and PowerShell
• The ability to provide clear, comprehensive, and actionable reports on penetration test findings, including recommendations for remediation.
• Exceptional written and verbal communication skills to effectively convey technical information to both technical and non-technical stakeholders.

Other attributes:
• Strong teamwork and collaboration skills to work with cross-functional teams and foster a culture of security testing within the organization.
• Willingness to participate in research, attend relevant conferences, and seek further professional development.
• Awareness of relevant laws, regulations, and standards related to information security and privacy.
• A commitment to ethical conduct, integrity, and confidentiality while performing penetration testing activities.

Summary:
A successful candidate will have worked with the tech-stack / tools and in tasks above in similar environments, contexts and roles and can make a convincing case for their skills and know-how showing a proven track record. Furthermore, a short paragraph (letter of motivation / why me) about the fit regarding this project is mandatory, supported by relevant success stories as well as verifiable references.

Video-conferences will be arranged with the client after review of profile and application, first screening is planned end of this week.
If you are interested, please apply with WORD-CV, short paragraph about your suitability and availability as well as hourly rate.

Additional aspects:
This role is ONLY for registered FREELANCERS with EU-nationality due to compliance requirements. Consequently, non-EU nationals or employees of consultancies etc. CANNOT be considered for these roles.

WICHTIG: Dieses Projekt ist aus Compliance-Gründen NUR für Freiberufler aus der EU, d.h. festangestellte Mitarbeiter von Beratungshäusern oder Nicht-EU Bürger können NICHT berücksichtigt werden.
Start
06.2025
Auslastung
100% (5 Tage pro Woche)
Dauer
3 Monate
(Verlängerung möglich)
Von
4freelance recruitment eG
Eingestellt
21.05.2025
Ansprechpartner:
Timo Berg
Projekt-ID:
2881277
Branche
Anlagen- und Maschinenbau
Vertragsart
Freiberuflich
Einsatzart
100 % Remote
Um sich auf dieses Projekt zu bewerben müssen Sie sich einloggen.
Registrieren