Security / Penetration Test Engineer

Sword Services Greece is an IT Services and Software Solutions provider company, driving EU Institutions and Global Leaders in their Digital & IT transformation. As part of the Sword Services Greece team, you'll leverage your expert IT competency to drive critical projects, ensuring rapid, precise delivery that consistently meets, and often exceeds, the expectations of our global clients.

About the role

We are currently seeking an experienced Security/Penetration Test Engineer to join our team in Strasbourg, France. The successful candidate will work in a multinational environment on a multitude of tasks supporting our business in implementing and developing solutions for large EU and international institutions and private sector companies in Greece and abroad.

What you will do

• Identify, analyse and assess technical and organisational cybersecurity vulnerabilities
• Identify attack vectors, uncover and demonstrate exploitation of technical cybersecurity vulnerabilities
• Test systems and operations compliance with regulatory standards
• Select and develop appropriate penetration testing techniques
• Organise test plans and procedures for penetration testing
• Establish procedures for penetration testing result analysis and reporting
• Document and report penetration testing results to stakeholders
• Deploy penetration testing tools and test programs
• Provide the following automated, manual or hybrid security testing services following appropriate industry wide, highly recognized methodologies and standards:
• Penetration testing including application pen testing, infrastructure pen testing, cloud application & environment pen testing, social engineering testing, web application testing, device pen testing (including workstations, servers, laptops and mobile devices - tablets and smartphones), wireless pen testing
• Vulnerability Assessment services for external and internal systems
• Security source code review or development experience at least in C/C++, C#, VB.NET, ASP, or Java
• Identify information to be provided by Client based on the nature of test being performed (e.g., White Box, Black Box, Grey Box)
• Use tools and manual testing to perform code security analysts to identify vulnerabilities and attack vectors in applications and infrastructure
• Execute SAST, DAST, vulnerability scans and penetration tests
• Identify targets and map attack vectors
• Identify the exploitable vulnerabilities
• Identify the security risk level, business impact and provide the remediation plan
• Draft security test cases based on the requirements
• Provide the Contracting Authority with a report for each service completed, provide the risk and the business impact of each finding and provide recommendations to mitigate deficiencies and risks

Technical Skills required

• Experience providing consulting services in a highly confidential environment
• Minimum of 7 years of experience in providing IT and Information security services
• Understanding and demonstrable willingness to learn of offensive and defensive security, including offensive evasion and defensive prevention techniques
• Experience with penetration testing against a wide variety of applications including web, mobile, and thick client above and beyond running automated tools required
• Ability to present findings and recommendations to peers, co-workers, and customers
• Capacity in writing documents
• Ability to communicate effectively with development team
• Identify and exploit vulnerabilities
• Use penetration testing tools effectively
• Conduct technical analysis and reporting
• Decompose and analyse systems to identify weaknesses and ineffective controls
• Review codes assess their security

Experience in the following will be considered as an asset

• Certified Ethical Hacker (CEH)
• GIAC Systems and Network Auditor (GSNA)
• GIAC Certified Web Application Defender (GWEB)ISC2 Certified Secure Software Lifecycle Professional (CSSLP)Offensive Security Certified Professional (OSCP)CREST Penetration Testing Certifications

Behavioral Attributes

• Self Development: Shows eagerness to grow and achieve more in respective area of expertise
• Adaptability / Flexibility: Shows ability to cope with fast changing technologies and requirements
• Solution focused mindset: Focus on work quality results with attention to detail and delivery of tasks within agreed deadlines
• Focus on Customer either internal or external
• Creativity & Initiative: Proposes ideas and solutions to existing ways of working, takes initiatives, identifies risks and works proactively
• Teamwork: Collaborates effectively & efficiently with various diverse and geographically distributed work teams
• Accountability: Shows strong sense of responsibility and ownership of the activities assigned

Our Culture

At Sword, our values define how we behave towards our colleagues and clients, and that is Respect and Collaboration. We believe that together we achieve more! Grasp a taste of our daily life at our Sword Services Greece Experience page on LinkedIn.

At Sword we are dedicated to fostering a diverse and inclusive workplace and we ensure that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. Discrimination based on sex, racial or ethnic origin, religion or belief, disability, age, sexual orientation or marital status, physical or mental disability, or any other factor protected by applicable laws and regulations is prohibited. As part of our culture, we respect human rights and focus on creating a positive workplace, where all employees are valued, and where diversity and inclusion are a vital part of our everyday working experience.