Beschreibung
Fantastic opportunity to secure a long term project in Frankfurt.
My client requires a Penetration Tester (APT services specialist to perform an important function in the Protection department within the Bank's CISO organization). The individual must be a self-starter and should work with minimum supervision from Senior Management. Lateral thinking, team player, innovative and creative has the ability to work under pressure.
The Job requires the following tasks:
Operating vulnerability assessment tools, including network scanner and host-based network scanners.
This includes liaison and management of 3rd party vendors who provide independent vulnerability results.
Plan, lead and support stakeholders in remediation of vulnerabilities.
Act as an escalation point of contact for team members, vendors and stakeholders.
Be able to review scope for penetration testing and risk ratings for vulnerabilities.
Be able to deliver projects under rigid schedule.
Be able to track and close security topics such as open high risk findings or assessments.
Provide technical advice to Senior Management on security topics.
Work on RFI/RFP topics, be able to converse with Global sourcing and legal team for contracts, Master Service Agreements and Non-Disclosure Agreements.
Develop presentations to Senior Management on new initiatives or budget approvals.
You will need Bachelor's degree in Computer Science, Engineering, Information Security or equivalent. At least 10 years of IT Security experience, ideally in penetration testing or vulnerability assessment in large organization.
A strong understanding of security vulnerability concepts and exploitation methods.
Especially in the infrastructure and OS space such as Windows and UNIX.
A good understanding of web technologies and web security hardening techniques, including IIS/Tomcat and Apache.
Written and verbal fluency in English is important as training will be required over the phone.
Excellent analytical skills, with the ability to breakdown complex problems into actionable steps.
Ability to communicate IT security issues to other business areas in technical and non- technical language.
CISSP, CISM, CEH or SANS Certification (GWAPT).
Knowledge of ITIL framework would be advantage.
Tools used Nmap, Nessus, Shell Scripting, automation in reporting, exploitation etc, previous experience in project management preferred especially tracking remediation.
Please get in touch for an immediate start.