Penetration Tester
Madrid, Spain
Company Description
SGS is the world's leading inspection, verification, testing and certification company and recognized as the global benchmark for quality and integrity. With more than 96,000 employees, we operate a network of more than 2,700 offices and laboratories around the world.
Job Description
Working as a key member of our global IT Security team, you will be responsible for conducting pen testing activities and vulnerability assessments. In addition, you will be involved in projects to develop our IT Security posture and play a role in the evolution of our IT Security infrastructure.
More specifically, you will:
- Identify and define system and security requirements, baselines and controls for both the existing environment and new developments in IT infrastructure;
- Contribute in the preparation and documentation of Standard Operating Procedures in the IT security area such as Incident Handling, Problem Management and Forensics Investigations;
- Identify opportunities for, and promote automation and new technical solutions and security tools to help mitigate security vulnerabilities and improve efficiency;
- Participate in evaluation and selection of products and security solutions, set the security requirements and coordinate / run PoCs / project management;
- Coordinate and / or perform penetration tests, evaluate findings and drive mitigation;
- Coordinate and / or perform vulnerability assessments, evaluate findings and drive mitigation;
- Provide reports for assessment findings, product evaluations, propositions for further system security enhancement etc;
- Hunting for web specific vulnerabilities;
- Performing manual penetration test (blackbox / greybox);
- Continuous improvement of know how in the field of application security;
- Support development teams with consultations on your findings;
- Cooperation and decision making across other penetration testing teams.
Qualifications
- Educated to degree level in Information Technology, Computer Science, or a relevant discipline;
- 3 years plus experience of web penetration testing. You will be experienced with security frameworks such as OWASP, SANS, MITRE, OSSTMM;
- Hands on experience in security systems, including antimalware / antivirus software, firewalls, intrusion detection / prevention systems, authentication systems, log management, web application firewalls, VPN, Zero-trust, cloud technologies, etc;
- Basic understanding of web-app architectures, software development concepts, PortSwigger BurpSuite or equivalent software;
- Good understanding of HTTP protocol, Oauth, SSO, JWT, HTML, REST, JSON, WebServices, SOAP, XML and JavaScript debugging;
- Ethical Hacker Certified (CEH) required and OCSP Certification is a plus.
Additional Information
This position will be based at our IT hub in Madrid. We offer hybrid working
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation Burp Suite CEH Cloud Computer Science Firewalls Forensics Intrusion detection IT infrastructure JavaScript JSON OWASP Pentesting POCs SANS SSO VPN Vulnerabilities XML
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs