Senior Penetration Tester

Luxembourg, Luxembourg

ARHS

Welcome to the Arhs group website. Thanks for stopping by.

View all jobs at ARHS

Apply now Apply later

Company Description

Do you have experience in Penetration Testing and Application Security? Does your toolbox contain Burp Suite, Nmap, Metasploit, etc.? Are you active on HackerOne, Hack The Box or Root Me?

We'd be more than pleased to meet you then!

ARHS Spikeseed is looking for a Senior Penetration Tester (M/F) with penetration testing skills and security best practices knowledge.

You will join a security team, based in Luxembourg, working on a number of cutting-edge projects that are shaping the digital side of Europe, no less!

This position is full-time, on-site, in Luxembourg-city. 

Job Description

As part of our Security Team, you will be responsible for:

·       Perform external and internal penetration testing on web applications and infrastructure components.

.       Execute penetration tests in grey-box and black-box environments, targeting both known and undisclosed systems.

.       Perform mobile app security assessments on both Android and iOS platforms, focusing on areas like data storage, cryptography, network communication, and user authentication.

·       Help in the continuous improvement of our software development practices, making sure that security is always taken seriously by developers;

·       Propose mitigation strategies and/or secure architectures to address weaknesses in the systems you analyse;

·       Understand customer security requirements and devise solutions that guarantee the security properties needed to satisfy those requirements;

·       Have critical thinking skills to analyse current penetration testing methodologies and propose strategies to improve them;

·       Write concise and technically sound reports for the customer;

·       Mutually share and strengthen your knowledge with the rest of the team;

·       Be a driver of change and innovation within the company.

Qualifications

Your Profile

·       You preferably have a Master's degree in Computer Science or Information Security, and IT security was one of your main options.

·       You have at least 4 years of experience in a similar position;

·       You have experience in Internal pentest and / or Red team exercise;

·       Strong analytical, problem-solving, and communication skills, both written and verbal

·       You are quick to adapt to new technologies, and you like to stay up to date with the latest attacks against widely deployed systems.

·       Ability to work independently, adapt to new challenges, and manage complex testing scenarios with high autonomy.

·       Certification as OSCP, OSCE

.       Experience in Reverse Engineering

.        Knowledge in Cloud Security Practices

 

Besides that, you are familiar with the following:

·       Testing VOIP/Wifi/anti-virus (AV) bypass

·       Programming and scripting languages such as Java, C/C++, PHP, Python;

·       OSI/TCP stack and general computer networks concepts;

·       OWASP Top 10 and SANS Top 25;

·       DevSecOps and Secure SDLC principles;

·       Cloud (AWS/Azure) principles;

·       Burp Suite Professional;

·       Kali Linux;

·       Agile practices;

Bonus:

·       You have the know-how required to develop your own exploits and participate in bug bounty programs.

·       You have former experience as a software developer

You have or are planning to obtain one or more of the certifications that follow:

·       OSCP

·       OSWE

·       eCPPTv2

·       AWS Certified Security

·       Azure Security Engineer Associate

·       CHFI

·       GIAC GPEN

We are basically looking for someone that:

·       Loves finding vulnerabilities in infrastructures, protocols, or applications as well proposing strategies to mitigate those vulnerabilities;

·       Has tremendous interest for state-of-the-art technologies and penetration testing methodologies;

·       Is a team player;

·       Is (very) curious and (very) creative, autonomous, and dynamic;

·       Has the ability to look at things from multiple angles at the same time.

Additional Information

ARȠS?

Arηs is a fully independent group of companies specialized in managing complex IT projects and systems for large organisations, focusing on state-of-the-art software development, business intelligence and infrastructure services.

We are composed of 14 entities across 6 countries that are unified by the Arηs Group, with more than 2200 consultants.

This corporate structure enables us to respond quickly to market changes and customer requests, and to communicate and make decisions without layers of bureaucracy.

Our success can be attributed to the synergy among our nine complementary entities, combined with our methodologies, which are based on the Rational Unified Process (RUP) and the Scrum agile software development framework.

 

Our Vision and Values

Our vision is to be the most caring and reliable IT company on the market place for both clients and our people.

Our values are: caring, agility, excellence, innovation, continual improvement, and reliability.

Our values support our vision by leveraging excellence, striving for results, ensuring commitment and promoting adaptability.

Our Culture

We work in close partnership with our customers, turning their needs into benefits; We promote a dynamic local environment where both young and experience people can realize themselves; We leverage a flexible, independent and responsive organization.

Our Brand

The ArȠs (pronounce [aris]) name comes from Greek Mythology. ArȠs is the son of Zeus and the God of War – in our eyes, an accurate representation of the intelligence, strategy, leadership and vision that are essential in business.

 

Don’t hesitate! Join our team

What you’ll get:

An informal hierarchy and work environment:

Our open, flat structure supports a strong focus on communication and collaboration, enabling to respond quickly to market changes and customer requests.

An attractive salary package:

With an attractive salary and benefits package – including advantageous fringe benefits – you’ll be paid for what you love to do.

A strong corporate culture:

You’ll join a dynamic team of smart and ambitious people. From the way we hire, to the way we relate to our clients – our values from the foundation of the way we work.

Learning & development opportunities:

We constantly invest in our people and are committed to providing individual development opportunities to help you continue to grow and stay happy and satisfied at work.

Exciting projects:

You’ll take ownership of various projects for both public and private clients: calling for creativity and innovation, at the cutting-edge of technology.

rock solid company:

With more than 200 customers, and 30% turnover growth in FY2021, you’ll join a business with a sustainable and growth-oriented plan.

 

But let’s talk about it face to face!

 

You have the qualities as listed above? Please, send us your CV, which will be processed in full confidentiality, by clicking the button "I'm interested"

 

You don’t have all the above requirements but own a great part of them? You can send us your CV too because we will give you the opportunity to grow up with us.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  10  1  0
Category: PenTesting Jobs

Tags: Agile Android Application security AWS Azure Burp Suite Business Intelligence C CHFI Cloud Computer Science Cryptography DevSecOps Exploits GIAC GPEN iOS Java Kali Linux Metasploit Nmap OSCE OSCP OSWE OWASP Pentesting PHP Python Red team Reverse engineering SANS Scripting Scrum SDLC Security assessment Strategy Vulnerabilities

Perks/benefits: Career development Equity / stock options Flat hierarchy Flex hours Startup environment

Region: Europe
Country: Luxembourg

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.