An International Cybersecurity Shared service center in Prague is looking for new colleagues into Penetration testing team.
The Cybersecurity Shared service center serves both to Deutsche Telkom AG companies round the World and to their customers / clients.
Services are provided from Prague or onsite, where onsite work does not exceed 20% time.
Position Description :
Senior position expects ability to all - plan, develop, execute tests and present penetration testing outputs.
Testing is always provided according to project needs (application and infrastructure), customer requirements and industry best practices.
Strong focus is set to ability to understand and identify vulnerabilities in complex enterprise ICT environment and the way, how they may affect both infrastructure and business of tested ecosystem.
Therefore the both security and technology background is expected.
Optionally (in case if interest) could perform the role of trainer in the area of his expertise.
Act as a mentor to Junior colleagues in team
For any person applying for this position we expect a compliance with highest Cybersecurity ethical standards and very high reliability.
In case of need, the application for official CZ / EU / NATO Security Clearance can be requested.
Position Requirements (must have) :
Two years of working experience in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)
Willingness to travel
Working knowledge of Security principles, techniques and technologies
Basic knowledge of security concepts and risk control
Good understanding of technology, network protocols, design and operations
Basic Understanding of Legal and privacy issues related to penetration testing
Valid CEH certification
OR equal knowledge including binding commitment to pass the CEH exam and apply for certification till the end of probation period
Fluent English (both spoken and written) at level guaranteeing successful presentation to management level
Position Requirements (nice to have) :
Bachelor or higher degree from technical / economical / math university
Any cybersecurity related certifications (Security+, CISSP, CISM, CISA, CGEIT, CRISC) or the equal knowledge ready to pass exam
Any working experience in technical non-security IT area is welcome
Vulnerability and threat management experience
Experience with various security tools and products (Fortify, AppScan, etc )
Good understanding of the components of a secure DLC / SDLC
Vulnerability analysis and application reversing skills
Understanding of cryptography principles
Any additional language is welcome : Czech, German, Spanish, Italian, Portugal, French