Description
Security Test Engineer (Pen Testing)
A Security Test Engineer (Pen Testing) is urgently required for an ASAP start with a major client in Amsterdam.
The Security Test Engineer (Pen Testing) will have recent and relevant working experience as a software security tester, security testing experience in a Financial environment would be an advantage.
The Security Test Engineer (Pen Testing) will have the following skills and experience -
- Valid (Current) CEH, OSCP,ECSA, ECSP, Sans, GIAC Certification.
- S. in Computer Science or related technical major (M.S./PhD preferred), or significant job experience.
- Minimum 5 years' penetration testing experience, with significant mobile testing.
- Experience with OWASP testing Guide/Open Source Security Testing Methodology Manual
- Fluent in at least 1 programming language.
- Expert with common web application penetration testing tools including, but not limited to Burp, Fiddler, OWASP Zap, BeEF, and at least one commercial solution (WebInspect, AppScan, or similar).
- Experience deploying enterprise security testing solutions.
- Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
- Experience with debuggers, disassemblers, binary patch diffing (eg BinDiff).
- Experience with testing automation suites such as Selenium or UFT.
- Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificate pinning.
- Technical depth in many, if not most of the following areas: LAMP stack, Node.js, Scala/Java, iOS, Android OS, Windows Mobile, web services.
- Familiarity with Secure Development Lifecycle practices and Agile development.
- Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired.
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change
The Security Test Engineer (Pen Testing) will be responsible for the following -
- Execution of security tests on a wide variety of internal and external facing applications
- Assisting with the continuous improvement of the processes critical to the success of the team, handling one or more Static-, dynamic and/or penetration tests and supporting the initial and technical intake process.
- Primary responsibility to provide internal and external network penetration testing, create actionable reporting based on findings, application testing, including black-, grey-, White Box, code reviews and reverse engineering, software development advisory, network and software architecture reviews and guidance, social engineering, physical and red team engagements.
- Additionally, the Security Test Engineer will support with pre intakes/technical intakes, development of security solutions and services, leveraging a robust technology portfolio, to address complex industry recognized information security trends and challenges faced by our respective clients.
- Assist with the delivery of pre-sales and post-sales support of the technical security solutions and services.
Please get in touch for an immediate response.