Description
Penetration Tester
Currently one of my top clients is urgently seeking a Penetration tester who will join their team on a contract position based in Amsterdam, Netherlands.
Main Technical Competences:
- Information technology security (architecture, organization, processes)
- Network infrastructure and application security
- Firewalls, anti-virus, intrusion detection systems and penetration testing
- Modern malware (banking trojans, remote access tools, botnets, rootkits)
- DDOS and APT attacks
- Forensic investigation
- Experience in ethical hacking is a plus
Non-Technical Competences:
- Analytical and synthetic turn of mind
- Excellent communicator, who can be assertive towards multiple stakeholders
- Team worker but also able to work independently
- Able to work in stressful situations
- Organized and who follows a "problem-solving" and "results-oriented" approach
- Excellent project and time management skills
- Excellent written and spoken knowledge of English, knowledge of Dutch and/or French
Your role:
- Follow-up activities and control quality of work done by external company:
- Qualify escalated events detected by SEM, TSCM, IPS tools (like ArcSight, Tripwire, SourceFire or provided by other sources)
- Follow-up of security related alerts and recommending corrective actions
- Validate rules/waivers which filter out all security related events and provide qualification rules
- Provide L3 support for security incidents: analyze and qualify escalated events, initiate major security incident process
- Coordinating and conducting IT forensics investigations for the business: Request to identify, collect, analyze and report on various malware related or other threats to security service providers in order to provide actionable intelligence to the bank.
- Define and implement security incident mitigation solutions
- Coordinate with other security teams the resolutions
- Draw lessons learned from security incidents
- Be part of on call support team (24/7)
- Cybercrime trends
- Research new trends and continuously stay up to date on the latest developments in cybercrime
- Gather and analyze cybercrime threats (specifically for DDOS & APT)
- Coordinating efforts to produce actionable plans to mitigate identified risks
- Cyber Crime Exercises
- Define attack scenarios and conduct cybercrime exercises (APT & DDOS)
- Get insights from previous APT and DDOS attacks to recommend new cybercrime defense initiatives
- Providing guidance and strategic direction to staff and management, both for projects and incident handling, in accordance with the bank's security policies and local laws & regulations
- Develop and document information security procedures to enforce information security standards
If you would like to be considered for this position, apply ASAP!