Description
Location – Frankfurt, Germany or London UKLength of assignment - 12 months with extension
Start date –
Job Title: Vulnerability Tester
Scope of the project – Client is doing a Rollout of a new operating system and needs assistance on the testing of their server farms for Vulnerable areas.
Responsibilities:
• Operation of vulnerability scanner tools, including network scanner and vulnerability scanners.
• Manual verification of vulnerability scanner results (OS, Middleware and Web Application Issues), false positive analysis and exploitation
• Penetration test documentation and report generation
• Plan, lead and support stakeholders in remediation of vulnerabilities
• Act as an escalation point of contact for team members, vendors and stakeholders
• Be able to review scope for penetration testing and risk ratings for vulnerabilities
• Be able to deliver projects under rigid schedule
• Be able to track and close security topics such as open high risk findings or assessments
• Provide technical advice to Senior Management on security topics
• Develop presentations to Senior Management on new initiatives or budget approvals
Requirements:
• Bachelor’s degree in Computer Science, Engineering, Information Security or equivalent
• At least 5 years of IT Security experience, ideally in penetration testing or vulnerability assessment in large organization
• A strong understanding of security concepts, vulnerability management and exploitation methods. Especially in the infrastructure and OS space such as Windows and UNIX
• A good understanding of web technologies and web security hardening techniques, including IIS/Tomcat and Apache
• Written and verbal fluency in English is important as all project related communication will be in English language.
• Very good analytical skills, with the ability to breakdown complex problems into actionable steps.
• Ability to communicate IT security issues to other business areas in technical and non technical language
• CISSP, CISM, CEH or SANS Certification (GWAPT)
• Knowledge of ITIL framework would be advantage
• Tools used Nmap, Nessus, Burp, shell scripting, automation in reporting,
exploitation etc
• previous experience in project management preferred especially support and tracking remediation