Penetration Tester
REMOTE
Applications have closed
CRI Group
We are looking for a Penetration tester to work for us REMOTELY.
Penetration Testing aims to provide a safe communication and information infrastructure for the Contracting EU-Is' user community and information systems by proactively assessing the security of the Contracting EU-Is' infrastructure by purposefully attacking its systems, networks, services and applications.
This service involves a sound preparation to scope the penetration test and to agree on the rules of engagement with the relevant system's stakeholders.
Penetration Testing service encompasses the set of standards, processes, tools, technology and skilled staff to proac-tively assess the security posture of a given ICT infrastructure by purposefully attacking its systems, networks, ser-vices and applications.
Job Responsibilities
- Establishing a clear scope for the penetration test based on specific and measurable rules of engagement
- Preparing, planning and coordinating the execution of the tests
- Scanning and probing targets
- Determining the feasibility of a particular set of attack vectors
- Attacking and exploiting targets in line with the rules of engagement with the aim of proving the true feasibility of one or several killing chains
- Identifying higher-risk vulnerabilities that result from a combination of lower-risk vulnerabilities exploited in a particular sequence
- Identifying vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software
- Assessing the magnitude of potential business and operational impacts of successful attacks
- Testing the ability of network defenders to successfully detect and respond to the attacks
- Performing risk, impact and damage assessments
- Providing intermediate reports on regular basis
- Providing recommendations such as mitigating the identified exploitable vulnerabilities
- Drafting penetration testing reports tailored for management and technical peers
- Maintenance and continuous improvement of the penetration testing toolkit
- Interfacing with other experts
- Technology watch
- Contribution to awareness trainings
Job Requirements
- Scoping of penetration tests
- Planning of penetration tests
- Execution of penetration tests
- Vulnerability Assessment
- Security Assessments and Audits
Certifications
At least 1 certification among:
GPEN (GIAC Certified Penetration Tester)
GWAPT (GIAC Certified Web Application* Penetra-tion Tester)*
CEH (EC-Council Certified Penetration Tester)
or an equivalent certification recognized international-ly (subject to acceptance as a valid credential by the Con-tracting EU-I)
The following documents / procedures will be requested to successfully complete the hiring process:
- A copy of your university degree(s)
- A copy of your criminal record
- Security Clearance Procedure
WHO ARE WE?
CRI Group belongs to VASS GROUP as of November 2021 (https://vasscompany.com/en/).
VASS is a leading digital solutions group of companies headquartered in Madrid, Spain, present in 25 countries in Europe, the Americas and Asia with more than 4,300 professionals.
VASS helps large companies in their digital transformation process, developing and executing the most innovative and scalable projects, from strategy to operations.
All our growth comes from our talented people, passion for innovation, and a constant search for improvement, always the VASS way: “Complex made simple”.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CEH Clearance GIAC GPEN GWAPT Pentesting Security assessment Security Clearance Strategy Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs