Penetration Tester

Madrid, Spain

Applications have closed

Company Description

We are SGS – the world’s leading testing, inspection and certification company. We are recognized as the global benchmark for sustainability, quality and integrity. Our 97,000 employees operate a network of 2,650 offices and laboratories, working together to enable a better, safer and more interconnected world.

Job Description

Working as a key member of our global IT Security team, you will be responsible for conducting pen testing activities and vulnerability assessments. In addition, you will be involved in projects to develop our IT Security posture and play a role in the evolution of our IT Security infrastructure.

More specifically, you will:

  • Identify and define system and security requirements, baselines and controls for both the existing environment and new developments in IT infrastructure;
  • Contribute in the preparation and documentation of Standard Operating Procedures in the IT security area such as Incident Handling, Problem Management and Forensics Investigations;
  • Identify opportunities for, and promote automation and new technical solutions and security tools to help mitigate security vulnerabilities and improve efficiency;
  • Participate in evaluation and selection of products and security solutions, set the security requirements and coordinate / run PoCs / project management;
  • Coordinate and / or perform penetration tests, evaluate findings and drive mitigation;
  • Coordinate and / or perform vulnerability assessments, evaluate findings and drive mitigation;
  • Provide reports for assessment findings, product evaluations, propositions for further system security enhancement etc;
  • Hunting for web specific vulnerabilities;
  • Performing manual penetration test (blackbox / greybox);
  • Continuous improvement of know how in the field of application security;
  • Support development teams with consultations on your findings;
  • Cooperation and decision making across other penetration testing teams.

Qualifications

  • Educated to degree level in Information Technology, Computer Science, or a relevant discipline;
  • 3 years plus experience of web penetration testing. You will be experienced with security frameworks such as OWASP, SANS, MITRE, OSSTMM;
  • Hands on experience in security systems, including antimalware / antivirus software, firewalls, intrusion detection / prevention systems, authentication systems, log management, web application firewalls, VPN, Zero-trust, cloud technologies, etc;
  • Basic understanding of web-app architectures, software development concepts, PortSwigger BurpSuite or equivalent software;
  • Good understanding of HTTP protocol, Oauth, SSO, JWT, HTML, REST, JSON, WebServices, SOAP, XML and JavaScript debugging;
  • Ethical Hacker Certified (CEH) required and OCSP Certification is a plus.

Additional Information

  • This position will be based at our IT hub in Madrid. We offer hybrid working

A career at SGS enables you to collaborate in an open, friendly and supportive culture that thrives on teamwork, and flourish in an environment where people respect and help each other to grow and succeed. Expand and enrich your career through endless opportunities to learn, grow your expertise and fulfill your potential.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Antivirus Application security Automation Burp Suite CEH Cloud Computer Science Firewalls Forensics Intrusion detection IT infrastructure JavaScript JSON OWASP Pentesting POCs SANS SSO VPN Vulnerabilities XML

Perks/benefits: Career development

Region: Europe
Country: Spain
Job stats:  57  9  0
Category: PenTesting Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.