Senior Penetration Tester

Job Description

Our Client is looking for a Penetration Tester role who will be in charge of delivering penetration to improve the software and infrastructure security of the company.
Reporting to the Group Head of Application Security, this role will be a deep technical security expert, able to validate the proper security implementation of the company.
A proven experience in red team assessments and infrastructure penetration tests is required.

Responsibilities:

• Deliver all kinds of applications penetration tests: Web applications, APIs, mobile applications, thick
  client applications
• Deliver infrastructure penetration tests: Active Directory, Wi-Fi, networks, etc.
• Ability to identify full compromission path and kill-chain
• Compromise modern infrastructures (containerized, microservices) and cloud platforms (AWS, GCP, Azure)
• Advanced knowledge of attack vectors and exploit techniques, including zero-day vulnerabilities
• Provide technical expertise and understanding to other services (ex. SOC, Forensic)
• Provide recommendations / mitigations to remediate or mitigate vulnerabilities
• Coordinate with various IT and business teams to prepare and organize penetration tests

Education:

• Bachelor or Master degree in Computer Science, Information Technology or relevant degree
• OSCP, OSWE, OSCE or any other relevant certification

Knowledge & Experience:

• 8 years of experience in penetration testing
• Proven experience with infrastructure penetration tests and red team assessments
• Excellent knowledge of OWASP Top10, CWE…
• Excellent understanding of micro-services architectures & APIs
• Proven penetration tester experience
• Use of various tools such as Burp Suite, Zap, Kali distribution…
• Network skills (routing, encapsulation, VPN, firewalling, DNS…)
• The ability to interact with colleagues, build good relationships at all levels and across all business units and organizations, and the ability of influence stakeholders of all levels
• Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience.
• Ability to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teams
• Highly self-motivated and directed, with keen attention to detail
• Ability to properly manage time and priorities
• Fluent English mandatory, French optional