Senior Penetration Tester
Luxembourg, Luxembourg
Company Description
Do you have experience in Penetration Testing and Application Security? Does your toolbox contain Burp Suite, Nmap, Metasploit, etc.? Are you active on HackerOne, Hack The Box or Root Me?
We'd be more than pleased to meet you then!
ARHS Spikeseed is looking for a Senior Penetration Tester (M/F) with penetration testing skills and security best practices knowledge.
You will join a security team, based in Luxembourg, working on a number of cutting-edge projects that are shaping the digital side of Europe, no less!
This position is full-time, on-site, in Luxembourg-city.
Job Description
As part of our Security Team, you will be responsible for:
- Perform external and internal penetration testing on web applications and infrastructure components.
- Execute penetration tests in grey-box and black-box environments, targeting both known and undisclosed systems.
- Perform mobile app security assessments on both Android and iOS platforms, focusing on areas like data storage, cryptography, network communication, and user authentication.
- Help in the continuous improvement of our software development practices, making sure that security is always taken seriously by developers;
- Propose mitigation strategies and/or secure architectures to address weaknesses in the systems you analyse;
- Understand customer security requirements and devise solutions that guarantee the security properties needed to satisfy those requirements;
- Have critical thinking skills to analyse current penetration testing methodologies and propose strategies to improve them;
- Write concise and technically sound reports for the customer;
- Mutually share and strengthen your knowledge with the rest of the team;
- Be a driver of change and innovation within the company.
Qualifications
Your Profile
- You preferably have a Master's degree in Computer Science or Information Security, and IT security was one of your main options.
- You have at least 4 years of experience in a similar position;
- You have experience in Internal pentest and / or Red team exercise;
- Strong analytical, problem-solving, and communication skills, both written and verbal
- You are quick to adapt to new technologies, and you like to stay up to date with the latest attacks against widely deployed systems.
- Ability to work independently, adapt to new challenges, and manage complex testing scenarios with high autonomy.
- Certification as OSCP, OSCE
- Experience in Reverse Engineering
- Knowledge in Cloud Security Practices
Besides that, you are familiar with the following:
- Testing VOIP/Wifi/anti-virus (AV) bypass
- Programming and scripting languages such as Java, C/C++, PHP, Python;
- OSI/TCP stack and general computer networks concepts;
- OWASP Top 10 and SANS Top 25;
- DevSecOps and Secure SDLC principles;
- Cloud (AWS/Azure) principles;
- Burp Suite Professional;
- Kali Linux;
- Agile practices;
Bonus:
- You have the know-how required to develop your own exploits and participate in bug bounty programs.
- You have former experience as a software developer
- You have or are planning to obtain one or more of the certifications that follow:
- OSCP
- OSWE
- eCPPTv2
- AWS Certified Security
- Azure Security Engineer Associate
- CHFI
- GIAC GPEN
- We are basically looking for someone that:
- Loves finding vulnerabilities in infrastructures, protocols, or applications as well proposing strategies to mitigate those vulnerabilities;
- Has tremendous interest for state-of-the-art technologies and penetration testing methodologies;
- Is a team player;
- Is (very) curious and (very) creative, autonomous, and dynamic;
- Has the ability to look at things from multiple angles at the same time.
Additional Information
Arηs Group – Part of Accenture - is a market leader in the management of complex IT projects and systems. Founded in Luxembourg in 2003, we have grown to encompass 11 entities worldwide, employing over 2,500 employees in Luxembourg, Belgium, Greece, Italy and Bulgaria.
With our focus on getting things done, we help our clients achieve their goals with best-of-breed solutions, superior execution and exceptional services. We offer bespoke software development, data science, infrastructure, digital trust and mobile development to government institutions at national and European level, telecom providers, and financial institutions, among others.
Our bold company culture is built around working hard and playing hard, with a flat and agile structure that lends itself to efficiency and employee empowerment. We value our diverse workplace of close-knit teams and provide a place where everyone can be supported to learn and evolve.
Our Vision and Values
Our vision is to be the most caring and reliable IT company on the market place for both clients and our people.
Our values are: caring, agility, excellence, innovation, continual improvement, and reliability.
Our values support our vision by leveraging excellence, striving for results, ensuring commitment and promoting adaptability.
Our Culture
We work in close partnership with our customers, turning their needs into benefits; We promote a dynamic local environment where both young and experience people can realize themselves; We leverage a flexible, independent and responsive organization.
Our Brand
The ArȠs (pronounce [aris]) name comes from Greek Mythology. ArȠs is the son of Zeus and the God of War – in our eyes, an accurate representation of the intelligence, strategy, leadership and vision that are essential in business.
Don’t hesitate! Join our team
What you’ll get:
An informal hierarchy and work environment:
Our open, flat structure supports a strong focus on communication and collaboration, enabling to respond quickly to market changes and customer requests.
An attractive salary package:
With an attractive salary and benefits package – including advantageous fringe benefits – you’ll be paid for what you love to do.
A strong corporate culture:
You’ll join a dynamic team of smart and ambitious people. From the way we hire, to the way we relate to our clients – our values from the foundation of the way we work.
Learning & development opportunities:
We constantly invest in our people and are committed to providing individual development opportunities to help you continue to grow and stay happy and satisfied at work.
Exciting projects:
You’ll take ownership of various projects for both public and private clients: calling for creativity and innovation, at the cutting-edge of technology.
A rock solid company:
With more than 200 customers by 2023, you’ll join a business with a sustainable and growth-oriented plan.
But let’s talk about it face to face!
You have the qualities as listed above? Please, apply & send us your CV, which will be processed in full confidentiality.
You don’t have all the above requirements but own a great part of them? You can send us your CV too because we will give you the opportunity to grow up with us.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Android Application security AWS Azure Burp Suite C CHFI Cloud Computer Science Cryptography DevSecOps Exploits GIAC GPEN iOS Java Kali Linux Metasploit Nmap OSCE OSCP OSWE OWASP Pentesting PHP Python Red team Reverse engineering SANS Scripting SDLC Security assessment Strategy Vulnerabilities
Perks/benefits: Career development Equity / stock options Flat hierarchy Flex hours Salary bonus Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.