Beschreibung
Currently we are looking for 3x Penetration Tester/Vulnerability Specialists for our client in Germany or UK.
Job Description
The Vulnerability Assessment/Penetration Testing Specialist performs an important function in the Cyber Security Vulnerability Management & Infrastructure Security department within the Bank's CISO organization. The person must be self starter and should work with minimum supervision from Senior Management. Lateral thinking, team player, innovative and creative has the ability to work under pressure.
The Job requires the following tasks
Operation of vulnerability scanner tools, including network scanner and vulnerability scanners.
Manual verification of vulnerability scanner results (OS, Middleware and Web Application Issues), false positive analysis and exploitation
Penetration test documentation and report generation
Plan, lead and support stakeholders in remediation of vulnerabilities
Act as an escalation point of contact for team members, vendors and stakeholders
Be able to review scope for penetration testing and risk ratings for vulnerabilities
Be able to deliver projects under rigid schedule
Be able to track and close security topics such as open high risk findings or assessments
Provide technical advice to Senior Management on security topics
Develop presentations to Senior Management on new initiatives or budget approvals
Experience
Bachelor's degree in Computer Science, Engineering, Information Security or equivalent
At least 5 years of IT Security experience, ideally in penetration testing or vulnerability assessment in large organization
A strong understanding of security concepts, vulnerability management and exploitation methods. Especially in the infrastructure and OS space such as Windows and UNIX
A good understanding of web technologies and web security hardening techniques, including IIS/Tomcat and Apache
Written and verbal fluency in English is important as all project related communication will be in English language.
Very good analytical skills, with the ability to breakdown complex problems into actionable steps.
Ability to communicate IT security issues to other business areas in technical and non technical language
CISSP, CISM, CEH or SANS Certification (GWAPT)
Knowledge of ITIL framework would be advantage
Tools used Nmap, Nessus, Burp, Shell Scripting, automation in reporting,
exploitation etc
previous experience in project management preferred especially support and tracking remediation
Start: ASAP
Duration: 3 months extension - 1 year contract
Location: Frankfurt/Germany, UK or US/Singapore
Language: English
Please send your current CV in Word format for your application