As a Senior Security Assessment Consultant (Penetration Tester), your primary responsibility will be to serve as a recognised subject matter expert and thought leader with expertise in information security and to use this expertise to perform assessments (such as penetration tests, risk assessments). A significant amount of your time will be allocated to Research and Development (R&D) through which you will be encouraged you to discover new security vulnerabilities and weaknesses.
I. Main duties/Key accountabilities
After an initial familiarization with the methodologies and approaches, the senior Security Assessment Consultant should be capable to:
• conduct technical consultative engagements including projects initiation, technical security testing and analysis, reporting and result presentations, for our clients on topics like : o Web Application; o Mobile Application; o Desktop Application; o Red-Teaming;
• maintain a broad-based technical knowledge in key information security areas;
• perform complex technical research: o develop security evasion techniques useful in Red-Teaming engagements; o become an expert in certain technical topic (Active Directory, Containers, Web Browsers, …); o discover new (previously undiscovered) vulnerabilities (0days), perform responsible disclosure, publish your research;
• develop and maintain standardized templates, tools and methodologies in response to reoccurring client needs;
• provide guidance and coaching to junior team members;
• conduct occasional presales work for activities in line with penetration testing;
• take the lead on complex security assessments;
Education, Training & Experience
• You have minimum a Bachelor in ICT or similar in experience.
• At least 3-5 years of experience in the Information Security field.
• French or Dutch as mother tongue and good verbal and written knowledge of English.
• Proficient with scripting languages such as Python, PowerShell, Bash, …
• Experience with common penetration testing frameworks and tools such as Kali, Metasploit, Burp Suite, Mimikatz, …
• Ability to think creatively in complex situations (e.g. attempting to bypass security controls).
• Certifications such as CEH, OSCP, GPEN, GWAPT, OSCE are a strong plus.
• Ability to communicate effectively with clients. • Driving license (cat B) is required.
III. PERSONAL ATTRIBUTES & SKILLS REQUIRED
• Display clear, persuasive and confident presentation and communication.
• Analytical thinking and excellent problem-solving ability.
• Strong personal initiative and a sense for pushing the limits on your technical knowledge.
• Work flexibility and willingness to travel for a limited period if needed.
• Strong ability to work as part of a team.
• Eligible and prepared to obtain NATO clearance.
• Act with commitment to core values of Innovation, Teamwork, Professional Excellence, Integrity, Client Commitment and Respect.