We are looking for a Senior Pentester to be part of our Ethical Hacking / Red Teaming area.
What are we looking for?
We are looking for people with technical education (Advanced cycles of professional training, Bachelor`s degree in Computer Science, Systems and Networking, Telecommunications, a related field, or equivalent) with 4-5 years of experience in Cybersecurity and Ethical Hacking in one or more of the following, demonstrating above-average understanding in:
- Web application penetration testing.
- Mobile application penetration testing.
- Network penetration testing.
- Wireless network penetration testing.
- Development of tools or plugins used to conduct penetration testing and analysis.
- High level experience with shell scripting with Perl and or Python.
- High level experience Bash and or PowerShell.
- Experience with methodologies on both static and dynamic analysis for different application types and platforms.
- Demonstrated experience working with Web Application Firewalls.
- Securing, testing, having a good understanding of API vulnerabilities and how to address them.
- Strong knowledge of tools used for application testing and testing of different platforms, including those used in both static and dynamic analysis.
- Strong understanding of network protocols, data on the wire, application design and architecture, and different classes of application security flaws.
- Experience with Breach & Attack Simulation SaaS platforms is preferred.
- Expert level experience with demonstrated hands-on experience with Unix/Linux/Mac/Windows operating systems.
- Ability to document and explain technical details in a concise, understandable manner.
- Ability to manage and balance own time among multiple tasks.
- Ability to mentor and coach junior staff.
Fluent in Spanish will be necessary.
Any of the following would be a plus:
- Master’s degree in cybersecurity.
- Have relevant certifications such as CEH, OSCP, OSCE, CISSP, CISA, GIAC
- Source code review and analysis.
- Fluent English (C1-C2).
What challenges and tasks can you find in this job?
- Scope, design, perform, manage end-to-end red team engagements with varying mission objectives.
- Perform web, mobile application testing, and network penetration testing, including social engineering assessments.
- Develop comprehensive and accurate security penetration reports.
- Effectively communicate findings and strategy to business stakeholders, including technical and executive leadership.
- Utilize attacker tools, tactics, and procedures used to perform analysis and identify vulnerabilities.
- Develop scripts, tools, or methodologies to enhance red team penetration testing processes.
- Scope penetration testing engagements and execute engagements from kickoff through engagement testing conclusion.
- Manage vulnerability risk reduction process to elevate application/system Cybersecurity posture, including tracking, monitoring, following-up, and driving conversations to mitigate identified vulnerabilities.
- Coach and mentor junior penetration testing staff.
- Other Cybersecurity operational and project initiatives responsibilities to be assigned.
What are we offering?
Type of contract: indefinite full-time contract (from Monday to Friday).
Location: Barcelona, Zaragoza or Madrid (full remote is possible).
Salary: to determinate.
Flexible Compensation Plan (food card, transport card, kindergarden card, medical insurance and training).
Work Life Balance: flexible work environment.