Penetration Tester (security)


Premium Job From Michael Bailey Associates

Recruiter

Michael Bailey Associates

Listed on

8th May 2019

Location

Düsseldorf

Salary/Rate

£33761 - £34600

Type

Contract

Start Date

ASAP

This job has now expired please search on the home page to find live IT Jobs.

For our fast moving consumer goods client we are looking for a Senior Penetration Tester in Duesseldorf.

Start: 03.06.19

End: 31.12.19

Location: Düsseldorf

Language: English

Project Description:

Client Security team performs continuous security assessment of existent application's landscape. The goal of such testing is to identify and fix weak points before they are exposed by an attacker.

During the execution phase of this project, which will happen from 2019-2022, it is the ambition of the team to assess over 300 important applications.

Each evaluation is followed by a remediation phase to fix existing security flaws.

Task Description:

- Perform network penetration, web, infrastructure and mobile application testing, source code reviews, threat analysis

- Recognize and safely utilize attacker tools, tactics, and procedures

- Develop comprehensive and accurate reports and presentations for both technical and executive audiences

- Make suggestions for security improvements

- Enhance existing methodology material

Skills:

- Mastery of Unix/ Linux/ Windows operating systems, including bash and Powershell

- A minimum of 3 years of work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments

- Strong knowledges on tools used for wireless, web application, and network security testing, such as WebInspect, Kali Linux, Metasploit, Burp suite, Nmap, Cobalt Strike, Nessus and Scuba

- An implementation level knowledge with all common classes of modern exploitation such as: XSS, RCE, SQLi, etc

- Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement

- Programming skills as well as the ability to read and assess applications written in multiple languages, such as JAVA, PHP, .NET, C#, or others

- Thorough understanding of network protocols, data on the wire, and covert channels

- Deep understanding and experience with various Active Directory attack techniques

- Knowledge of common hosting environments such as containerization platforms (e.g., Docker and Kubernetes) and virtual machines running under hypervisors

- Red team experience with SAP system

- Ability to share your in-depth knowledge with the team to train less experienced colleagues

- Fluent in English, due to the international character of the project

Jan Ballis

MBA Michael Bailey Associates

Team Lead Recruitment

0049 - 211 5865 8000

Michael Bailey International is acting as an Employment Business in relation to this vacancy.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: