Offensive Security Tester / Penetration Testing

Offensive Security Tester / Penetration Testing – Banking Client – Brussels

Rate: 600 – 800 per day

Duration: 9 months contract

*** This role is remote due to Covid, however you MUST be prepared to be onsite in Brussels when travel is permitted ****

Offensive Security Tester – Penetration Testing

As a global critical financial infrastructure, the protection of the banking clients information and assets is fundamental to the company’s business.

Security is at the core of our services, firmly embedded in the management systems and processes of the company.

You will be joining our CISO division in charge of putting in place the required controls to adequately and effectively protect our information assets.

You will join the Offensive Security Center who manage and coordinate:

• Penetration testing
• Red team Exercises
• Purple team Exercises
• Static Code Analysis
• Vulnerability Management

The main responsibilities:

• Plan & coordinate security tests with internal stakeholders
• Plan & coordinate security tests with external providers
• Review & analyse security test reports and produce digests/synopsis
• Present & discuss the results to all relevant stakeholders (technical and non-technical)
• Advise (senior) stakeholders, such as project leads, developers, and analysts on how to remediate and prevent any detected issues
• Contribute to the execution of the security strategy roadmap

In this role you will come in contact with the full spectrum of the attack chain. Ranging from web applications to binary exploitation and infrastructure. As an offensive security tester you will be supported by an experienced team who will assist, coach, and guide you where needed.

In summary, the ideal candidate needs to understand the penetration testing process and practices, have a strong interest in offensive security, and a willingness to obtain certifications.

Technical skills

• Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles are an asset;
• Good understanding of Application security including OWASP TOP 10, and willingness to learn with regard to a broad range of attacks (SQLi, XSS, Overflows, DLL-Hijacking,…)
• Basic understanding of network principles and protocols
• Basic understanding of Unix and Windows Operating Systems and security practices.

Soft skills

• Be an ethical team player who communicates in an open, respectful and constructive way with her/his customers and peers, both verbally and in writing. You will take ownership and ensure that organizational quality standards are met.
• Be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts.
• Be able to work independently, responsibly and professionally with highly confidential information.

This role is part of the Expert career orientation.

Please do send across to me the most up to date copy of your CV to eobiechefu@welovesalt.com