Penetration Tester / Security Engineer (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Penetration Tester / Security Engineer (Cybersecurity): Performing automated and manual penetration testing across web, mobile, and cloud infrastructures with an accent on identifying vulnerabilities and proposing mitigation strategies. Focus on improving secure software development practices, conducting Red Team exercises, and ensuring the overall security posture of client systems.
Location: Hybrid in Luxembourg
Company
, part of Accenture, specializes in the management of complex public sector IT projects, including security management and systems integration.
What you will do
- Perform automated and manual penetration testing of web and mobile applications, as well as cloud and on-premises infrastructures.
- Contribute to the continuous improvement of secure software development practices throughout the development lifecycle.
- Identify security weaknesses and propose mitigation strategies or secure architectural improvements.
- Analyze customer security requirements and recommend appropriate technical solutions.
- Evaluate and improve penetration testing methodologies and security processes.
- Prepare technical reports with findings and recommendations and collaborate with developers to improve security posture.
Requirements
- Minimum 2 years of experience in penetration testing or application security.
- Experience performing internal penetration tests and/or participating in Red Team exercises.
- Proficiency with Burp Suite Professional, Nmap, Metasploit, Nessus, and Kali Linux.
- Strong understanding of OWASP Top 10, MITRE ATT&CK, DevSecOps, and Cloud security (AWS/Azure).
- Familiarity with Java, C/C++, PHP, or Python.
- Fluency in English (written and spoken).
Nice to have
- Experience with bug bounty platforms (HackerOne, Hack The Box, TryHackMe) or custom exploit development.
- Previous professional experience as a software developer.
- Relevant certifications such as OSCP, OSWE, eCPPTv2, CHFI, GIAC GPEN, or Cloud Security specialties.
Culture & Benefits
- International work environment with collaboration with experienced security professionals.
- Flexible approach to support specific work/life needs.
- Focus on continuous learning and knowledge sharing within the team.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →