Lead Penetration Test Engineer / Threat Analyst (m/f/d) | 1260 | Infopulse
Back

Lead Penetration Test Engineer / Threat Analyst (m/f/d)

Infopulse, Part of TietoEvry Create, welcomes a talented professional to join our Security team as a Lead Penetration Test Engineer / Threat Analyst. We are looking for an experienced and responsible professional to be part of our expert team.

Areas of Responsibility

  • Performing assessment of overall customer security level and suggest improvements
  • Threat modelling
  • Performing penetration testing, vulnerability scanning, secure code reviews
  • Full scope of penetration testing activities like: WEB applications, desktop applications, infrastructure, mobile applications (iOS, Android), IoT and embedded systems testing
  • Secure development life cycle assessment and improvements
  • Providing L3 engineer support to the SOC team for complex security incidents, such as ATP
  • Managing internal or external human resources for complex projects
  • Documentation of internal methodology, procedures, and operations enhancement
  • Mentoring and knowledge sharing with team-mates

Qualifications

  • 5+ years of progressive experience in IT security
  • Good understanding of computer networks, clouds, security solutions and processes
  • Well-developed administrative skills in OS (Windows and Linux), docker and cloud environments administration including understanding of and experience in security aspects
  • Understanding common security risks for IT infrastructure and it’s components
  • Thorough knowledge of common vulnerabilities (e.g., infrastructure, WEB, network, IOT)
  • Understanding of common types of WEB security attacks (DNS cache poisoning, ARP spoofing, DDoS, XSS, CSRF, SQL Injection, etc.)
  • Deep understanding of MITRE-stack
  • Understanding of threat modelling methodologies (CAPEC, STRIDE, Attack Tree)
  • Knowledge of the international standards and best practices: OSSTMM, NIST, OSSEC, PTES, MS Ent Cloud Red Teaming
  • Strong programming skills in web-related languages including security aspects and best practices
  • Experience with C, Java, C# and other related languages
  • Strong cybersecurity analysis and situational awareness skills
  • Experience in security incidents detection and investigation
  • English: upper-intermediate

Will be an advantage

  • Professional security certifications (e.g., CEH, CISSP, CISM, CISA, OSCP/OSCE)
  • Experience of malware engineering and reverse engineering
  • Low-level programing skills

Personal skills

  • Proactive, result-oriented person, who is able to work individually and in a team

 

Your contact for this vacancy is:

Iuliia Fitsak photo
Iuliia Fitsak
Senior HR Manager

Send us your CV and we will get back to you.

Please add details to your request

If you wish, your application will be considered for other open positions at Infopulse. Data will not be used for any other purpose and will be deleted after 12 months from your latest job application date. *

Please enter the correct data

Thank you!

Your CV has been received. Our specialists will contact you if your skills meet the requirements of the position.