Penetration Tester (security)

Düsseldorf  ‐ Vor Ort
Dieses Projekt ist archiviert und leider nicht (mehr) aktiv.
Sie finden vakante Projekte hier in unserer Projektbörse.

Beschreibung

For our fast moving consumer goods client we are looking for a Senior Penetration Tester in Duesseldorf.

Start: 03.06.19
End: 31.12.19
Location: Düsseldorf
Language: English

Project Description:
Client Security team performs continuous security assessment of existent application's landscape. The goal of such testing is to identify and fix weak points before they are exposed by an attacker.
During the execution phase of this project, which will happen from , it is the ambition of the team to assess over 300 important applications.
Each evaluation is followed by a remediation phase to fix existing security flaws.

Task Description:
- Perform network penetration, web, infrastructure and mobile application testing, source code reviews, threat analysis
- Recognize and safely utilize attacker tools, tactics, and procedures
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Make suggestions for security improvements
- Enhance existing methodology material

Skills:
- Mastery of Unix/ Linux/ Windows operating systems, including bash and Powershell
- A minimum of 3 years of work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments
- Strong knowledges on tools used for wireless, web application, and network security testing, such as WebInspect, Kali Linux, Metasploit, Burp suite, Nmap, Cobalt Strike, Nessus and Scuba
- An implementation level knowledge with all common classes of modern exploitation such as: XSS, RCE, SQLi, etc
- Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement
- Programming skills as well as the ability to read and assess applications written in multiple languages, such as JAVA, PHP, .NET, C#, or others
- Thorough understanding of network protocols, data on the wire, and covert channels
- Deep understanding and experience with various Active Directory attack techniques
- Knowledge of common hosting environments such as containerization platforms (e.g., Docker and Kubernetes) and virtual machines running under hypervisors
- Red team experience with SAP system
- Ability to share your in-depth knowledge with the team to train less experienced colleagues
- Fluent in English, due to the international character of the project

Jan Ballis
MBA Michael Bailey Associates
Team Lead Recruitment


Michael Bailey International is acting as an Employment Business in relation to this vacancy.
Start
06/2019
Dauer
6 Months
Von
Michael Bailey Associates
Eingestellt
09.05.2019
Projekt-ID:
1768313
Vertragsart
Freiberuflich
Um sich auf dieses Projekt zu bewerben müssen Sie sich einloggen.
Registrieren