Senior Penetration Tester - Cloud

Eviden, part of the Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.

We’re currently looking for a Senior Penetration Tester - Cloud.

Your responsibilities would include:

• Conducting penetration tests and configuration reviews of cloud infrastructures,
• Creation of customer-specific solution strategies to eliminate found vulnerabilities,
• Review of architectural concepts and creation of design patterns,
• Conducting/participating in in-house knowledge-sharing lectures,
• Creation of security concepts for the cloud,
• Reviewing and defining requirements for information security solutions,
• Participating in Security Assessments of networks, systems and applications,
• Working on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets,
• Assistance during new RFPs/ BID phases with technical advise,
• Interfacing with architects and CSOs to constantly shape the assessments scope,
• Writing comprehensive assessment reports and providing recommendations,
• Eligiblity for security clearance.

What do we require from you?

• A degree with a focus on computer science or equivalent education,
• A minimum of 3 years of professional experience in the field of "Information Security", and at least 2 years of relevant professional experience in Cloud Pentesting,
• A certification (e.g. AWS Certificate Security Specialist or AWS Solution Architect and equivalent),
• Experience in the operation and safety assessment of Web applications (OWASP Testing Guide, Burp, IBM AppScan),
• Knowledge of typical pentesting tools (e.g. Sqlmap, Burp, ZAP, Nessus, Acunetix, Wireshark, etc.) and methodologies in testing (e.g. OWASP WSGT, MSTG) recommended,
• Experience with programming and scripting languages (JavaScript, PHP, Java) and very good knowledge of Linux and Windows systems,
• Nice to have - one or more relevant certifications (CEH, CISSP, OSCP),
• Knowledge of AWS, Google Cloud (GCP), Docker, Microsoft Azure, and Kubernetes,
• Very good knowledge of English, both written and spoken.

What happens next?

• Quick conversation with HR,
• Interview with a Manager/IT expert/project representative,
• Feedback (1-5 business days after the interview),
• Work like you want-remotely, in hybrid mode or at our office.

How will we make your life easier and happy?

• You will improve your qualifications by: individual development plans, budget for development activities, internal and external trainings, the opportunity to participate in conferences and gain international certification.
• We will look after you with a private medical package that includes dentist.
• We support your new-year resolutions with Multisport and OK System cards. If you form a team of sport enthusiasts, you will also get additional funding.
• Do you need new glasses? We will give you 600 PLN reimbursement for buying one.
• You will receive a guaranteed pool of points to be used for shopping, concert tickets or fulfilling other dreams.
• Every month we will subsidize commuting.
• Do you want to improve your language skills? Please, do so with us.
• You will do good in the world by helping others thanks to CSR actions.
• You will have an extra vacation for significant moments.
• We will celebrate and have fun during company parties.
• We will build together a positive work culture.

Please, attach your CV in English

If you want to find out more or have questions, contact our recruiter Malgorzata Staszczak on LinkedIn.

Let’s grow together.

We take care of your personal data privacy. More information about processing your data within recruitment process you can find on our website: https://eviden.com/privacy-policy/

Nasze przedsiębiorstwo przestrzega zasad ochrony sygnalistów ustanowionych w dedykowanej procedurze zgodnie z ustawą z dnia 14 czerwca 2024 r. o ochronie sygnalistów (Dz.U. z 2024 r. poz. 928), zapewniając wszystkim pracownikom oraz osobom ubiegającym się o zatrudnienie lub świadczenie usług pełną poufność i ochronę w zakresie zgłaszania naruszeń prawa.