SC2022-002289 Penetration Testing Services (NS) - TUE 9 Aug

Deadline Date: Tuesday 9 August 2022

Requirement: Penetration Testing Services

Location: Off-Site

Full time on-site: No

NATO Grade: A/115

Total Scope of the request (hours): 375

Required Start Date: 5 September 2022

End Contract Date: 31 December 2022

Required Security Clearance: NATO SECRET

Specific Working Conditions: Work from home on a part time basis for 5 months of effort based on 75 hours per month.

Duties and Role

• Provide Web and application level penetration testing;
• Provide security design reviews to ensure compliance with NATO policies and directives;
• Provide security consultancy and advice to projects, plans, and other entities;
• Brief at technical levels on security reports and testing outcome.

Requirements

• NATO Secret security clearance

The required skillset for the contracted individual is extensive knowledge and experience (more than 5 years) in the following areas:

• Web application and thick-client penetration testing;
• Assessing security vulnerabilities within OS, software, protocols & networks;
• Researching and evaluating security products & technologies;
• Knowledge in system and network administration of UNIX and Windows systems;
• Use of penetration testing tools, techniques, and recognized testing methodologies;
• Scripting skills in at least one of the following: Perl, Python, Ruby, shell (bash, ksh, csh);
• Experience in security mechanisms (applocker, deviceguard), .NET, appliance
• Experience in reverse, Kerberos (windows), thin client application
• Technical knowledge in system and network security, authentication and security protocols, cryptography, application security, as well as, malware infection techniques and protection technologies;
• Ability to evaluate risks and formulate mitigation plans;
• Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation plan.