Beschreibung
Supporting our strategic client we are looking for an expert within penetration testing processes.Definition of the end to end Penetration Testing Service and all supporting processes that are needed with the input of the IT Security Manager (Vulnerability Management) and IT Security Operations Team Lead
Document the processes and make recommendations for process improvements.
Define and document the Penetration Testing Security Standard
Co-ordinate and manage Penetration Testing requests from the relevant IT and Business Stakeholders and gather and document all requirements for the requested security assessment
Engage with the Third Party Penetration Testing Provider to discuss the Penetration Testing requirements and schedule the testing
Assist the IT Security Manager (Vulnerability Management) in the management and co-ordination of the remediation activities relating to the open findings from a Penetration Test and ensure they are communicated and remediated in a timely manner
Maintain the IT Security risk register and provide input to the IT Security Operations Team Lead for any internal and external audits relating to Penetration Test as and when required
Provide written analysis for monthly reports on an as-needed basis
Create Reports and Dashboards
Generate reports for both technical and non-technical staff and stakeholders
Assist in the Day to Day Service Management of the Vulnerability Management as and when required or when the IT Security Manager is on holiday/leave
Assist with CIS Benchmark Deviation requests and liaise with the relevant teams to ensure resolution in a timely manner
Ensuring a proactive approach in analysing and responding to Penetration Testing Requests and Penetration testing findings that need to be addressed
Strong Experience in Process and Service Design for IT Security Operational Services particularly Penetration Testing
Experience of Vulnerability Management and/or Penetration Testing processes and remediation of vulnerabilities/penetration testing findings in a timely manner
Good understanding of vulnerability frameworks and advisories (NVD , CVE)
Strong analytical, troubleshooting and problem-solving skills for vulnerability management and penetration testing
Experience of CIS Benchmarks Policies
Knowledge of Active Directory and Group Policies
Knowledge of OWASP
CompTIA Security+ Certification is required
Good knowledge of attack vectors particularly MITRE Attack Framework
Knowledge of Cloud security principles, techniques and technologies
Ability to create documentation
Ability to resolve problems independently and understand the escalation procedure
Knowledge and experience with Windows, Unix/Linux operating systems
Experience working with an MSSP or Third Party Provider
Good understanding of Firewalls and Network Security
Understanding of network protocols
Keep up to date with current threat intelligence
Experience as a Pen Tester is an advantage but not essential
Excellent written and verbal communication
Strong analytical and problem solving skills
Ability to speak to non-technical stakeholders and ensure the problem or issue is understood
Confident in engaging with Stakeholders at all levels of the organisation
Ability to manage multiple tasks
Business fluent English is required
If you are interested, please provide us with your current cv incl. project list, preferably in word-format. Reference :J Duration :31.03.2021 Location : Remote/Essen Languages : English, German emagine GmbH Kudranovic, Nathalie T : F :