Penetration Tester / Security Engineer (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Penetration Tester / Security Engineer (Cybersecurity): Performing automated and manual penetration testing of applications and infrastructures with an accent on vulnerability identification and mitigation strategies. Focus on improving secure software development practices, analyzing security requirements, and executing Red Team exercises.
Location: Hybrid in Luxembourg
Company
, part of Accenture, specializes in the management of complex public sector IT projects and security management.
What you will do
- Conduct automated and manual penetration tests for web, mobile, cloud, and on-premises infrastructures.
- Identify security weaknesses and propose mitigation strategies or architectural improvements.
- Collaborate with developers and security engineers to improve the overall security posture.
- Promote and integrate secure software development practices throughout the SDLC.
- Analyze customer requirements and recommend appropriate technical security solutions.
- Prepare detailed technical reports with findings and actionable recommendations.
Requirements
- Minimum 2 years of experience in penetration testing or application security.
- Experience with internal penetration tests and/or Red Team exercises.
- Proficiency with tools such as Burp Suite Professional, Nmap, Metasploit, Nessus, and Kali Linux.
- Strong understanding of OWASP Top 10, MITRE ATT&CK, DevSecOps, and OSI/TCP concepts.
- Knowledge of cloud security principles (AWS/Azure).
- Fluency in English (written and spoken).
Nice to have
- Experience with bug bounty platforms (HackerOne, Hack The Box, TryHackMe) or custom exploit development.
- Certifications such as OSCP, OSWE, eCPPTv2, CHFI, GIAC GPEN, or cloud security certifications.
- Previous experience as a software developer.
Culture & Benefits
- International environment collaborating with experienced security professionals.
- Flexible work arrangements to support individual work/life needs.
- Strong emphasis on collaboration, knowledge sharing, and continuous learning.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →