Penetration Tester

  • Location

    Amsterdam, North Holland

  • Sector:

    IT

  • Job type:

    Contract

  • Salary:

    Negotiable

  • Contact:

    Lyddea Harrison

  • Contact email:

    Lyddea.Harrison@experis.co.uk

  • Job ref:

    BBBH109081_1566385480

  • Published:

    3 months ago

  • Duration:

    3-6 Months

  • Expiry date:

    2019-09-20

  • Start date:

    ASAP

  • Client:

    #

Penetration Tester - Amsterdam - 3-6 Month contract

Role Details:

Our clients Business is growing its EMEA Threat and Vulnerability practice and requires the services of a Security Consultant (Application Security Specialist) to strengthen our capability in the application security space. The candidate will be responsible for delivering security consulting services such as Secure source code review, Web/Mobile application and Network penetration testing. There is the expectation that the candidate would make this role their own, providing leadership and taking responsibility for further developing application security related service offerings.

This is a unique opportunity to provide leadership as part of a truly EMEA-wide professional services practice, with the scope for career development limited only by personal dedication and drive. As a self-motivated, client-facing professional who is comfortable in delivering clear and concise information at both technical and management level, you will be adaptable and flexible in your work with a positive attitude. You will be given the opportunity to be exposed to a broad range of large international clients and work with some of the best in the business. There is scope to learn from colleagues as well as contribute to building our security assessment capabilities through specialisation and personal research. The ideal candidate will have a strong aptitude for understanding the landscape and business context in which application security consulting services are utilised and have a mature understanding of risk to help advising clients effectively. This position is open to candidates with a minimum of 5 years of experience in a dedicated Ethical Hacker / Pen testing role

  • Interface with the client, utilise his/her field expertise for delivering projects
  • Contribute own subject expertise during proposal of project engagements
  • Communicate with stakeholders such as the client, managers, colleagues, or project subordinated
  • Develop own skills and that of the others in order to enhance the capability of the team in alignment with the department strategy
  • Report to manager on project progression status, financial status, issues, time sheets, etc.

Required abilities, skills and exposure:

  • Expertise on wired and wireless network and platform vulnerability scans, penetration testing, and reporting for recommending remediation measures.
  • Expertise on application security including web application penetration testing, source code review, and computer programming abilities.
  • Expertise on technical security auditing, including platform and network configuration review architecture review, stakeholder interview.
  • Excellent writing skills, acute attention to details
  • Good understanding of OS, Middleware, network equipment, security applications and other relevant technology
  • Fluent in English
  • Relevant educational background, such as Bachelor's degree in computer science or related field
  • 3+ Years of consulting experience on IT and Information Security
  • Positive mind-set and attitude for continual improvement; strong desire to pursue achievement of goals

Desired abilities, skills and exposure:

  • Expertise in mobile operating systems (iOS, Android)
  • Track record of defensive or offensive security research publications (white papers, interventions in security conferences, credits for bug bounties or CVE)
  • Industry certification in relevant discipline such as OSCP, OSCE , OSWE, GPEN, GWAPT, GXPN, GMOB

Job Duties:

The candidate will execute 8 days span on-site projects for a financial client, encompassing several domains such as Web, Network, Thick Client and Mainframe / As400.