Security Test Engineer, Static- Dynamic Penetration Testing Expert

IT-Staffing Nederland B.V.
Geplaatst op
2 tot 6 maanden
Op locatie


Security Test Engineer – Static- Dynamic - Penetration Testing Expert

Standard hours / week36
Location Amsterdam
Start Date asap
End Date31-Dec-16


Security Test Engineer – Static- Dynamic - Penetration Testing Expert

Job Description

Our customer DEVOPS team is looking for a qualified security test analyst with recent and relevant working experience as a software security tester. Security testing experience in a Financial environment could be advantageous but not determinant. As member of a DEVOPS team, you’ll be responsible for the execution of security tests on a wide variety of internal and external facing applications.

As a member of the team you will assist with the continuous improvement of the processes critical to the success of the team. In this role, you will work in a two week sprints handling one or more Static-, dynamic and/or penetration tests and supporting the initial and technical intake process.

What do we expect?
•B.S. in Computer Science or related technical major (M.S./PhD preferred) or significant job experience. You have a valid (Current) CEH, ECSA, ECSP, Sans, GIAC Certification.
•Minimum 5 years penetration testing experience, with significant mobile testing.
•Experience with OWASP testing Guide / Open Source Security Testing Methodology Manual
•Development experience preferred.
•Expert with common web application penetration testing tools including, but not limited to Burp, Fiddler, OWASP Zap, BeEF, and at least one commercial solution (WebInspect, AppScan, or similar).
•Experience deploying enterprise security testing solutions.
•Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
•Experience with debuggers, disassemblers, binary patch diffing (e.g. BinDiff).
•Experience with testing automation suites such as Selenium. UFT
•Technical depth in many, if not most of the following areas: LAMP stack, Node.js, Scala/Java, iOS, Android OS, Windows Mobile, web services, and certificate pinning.
•Familiarity with Secure Development Lifecycle practices and Agile development.
•Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired.
•Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
•Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.
•A fun and positive attitude!


Primary responsibility to provide internal and external network penetration testing, create actionable reporting based on findings, application testing, including black-, grey-, white box, code reviews and reverse engineering, software development advisory, network and software architecture reviews and guidance, social engineering, physical and red team engagements.

Additionally you will support with pre intakes/technical intakes, development of security solutions and services, leveraging a robust technology portfolio, to address complex industry recognized information security trends and challenges faced by our respective clients. Assist with the delivery of pre-sales and post-sales support of the technical security solutions and services.

Interested? Please response with recent cv, motivation and hourly rate.

VOG is for your own costs.

Reageren op de opdracht? Log in of Word gratis lid

0 reacties

Er zijn nog geen reacties op deze opdracht.

Jouw reactie

Je moet inloggen voordat je een reactie kunt plaatsen. maakt gebruik van cookies. Door deze website verder te bezoeken, gaat u akkoord met het plaatsen van cookies.

Melding sluiten