Description
Security Engineer (Penetration Testing Expert)
For one of Netherlands's largest financial clients, we are currently seeking an experienced Security Engineer with Penetration testing expertise.
You will assist with the continuous improvement of the processes critical to the success of the team. In this role, you will handling one or more Static-, dynamic and/or penetration tests and supporting the initial and technical intake process.
You will join an dynamic environment where you will get the space to speak up your vision. This will be a stable 12 months' contract in Amsterdam, Netherlands. Paying excellent rates (Possible extensions).
The ideal Security Engineer will have the following skills:
- B.Sc. in Computer Science or related technical major (M.Sc./PhD preferred), or significant job experience. Preferably you have a OSCP, ECPPT, ECSA, Sans or GIAC Certification.
- Minimum 5 years penetration testing experience, with significant experience outside web applications (mobile, Mainframe, infrastructure, networks, fat-client) testing.
- Experience with OWASP testing Guide/Open Source Security Testing Methodology Manual
- Fluent in creating software in at least 1 programming language.
- Expert with common web application penetration testing tools including, but not limited to Burp, Fiddler, OWASP Zap, BeEF, and at least one commercial solution (WebInspect, AppScan, or similar).
- Experience deploying enterprise security testing solutions.
- Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
- Experience with testing automation suites such as Selenium or UFT.
- Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificate pinning.
- Technical depth in many, if not most of the following areas: LAMP stack, Node.js, Scala/Java, iOS, Android OS, Windows Mobile, web services.
- Knowledge of networking protocols, the network stack and DDoS attacks and defenses.
- Experience with Secure Development Lifecycle practices and Agile development.
- Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired.
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.
- A fun and positive attitude!
Please send in your CV/application for further details and an insight on similar upcoming positions.