Senior Penetration Tester

WHO ARE WE? It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks This means we offer cyber security services to private and governmental organizations to help the better prepare for, prevent, detect and respond to cyber security incidents. All of this is built on four fundamental values that define who we are: We are Proud, We Break Barriers, We Care and No BS Tasks You have a strong interest in the field of IT security and believe the following to be applicable to you? As a senior penetration tester, you will : Conduct thorough penetration tests to discover common/advanced vulnerabilities that might be exploited by user/systems within client IT technologies (Mobile, Web, API, IOT, Network equipment, Operating Systems, …) Understand and assess a variety of IT technologies using comprehensive security guidelines and state-of-art standards created by world-renowned originations Help with development and recommendation of security solutions to protect and remediate clients’ proprietary/confidential data, applications and systems Advise our clients for security whenever they make changes in their IT technologies Prepare reports regarding effectiveness of information security adherence and make recommendations for the adoption of procedures Effectively communicate complex technical information to both technical and non-technical audiences Understand the psychology, the systems, and the tactics employed by threat actors to proactively test the clients’ systems for identifying vulnerabilities; Manage and guide junior consultants in their projects; Understand and assess a variety of IT technologies (Mobile, Web, API, IOT, Network equipment, Operating Systems, …) using comprehensive security … Requirements You are eligible for NATO Clearance Good understanding of “the basics”: different platforms, operating systems, software, communications, and network protocols Knowledge of the Unified Kill Chain, MITRE ATT&CK, and other principles relevant to adversary emulation Experience with post-exploitation using command and control frameworks, in particular those used by real adversaries, such as CobaltStrike Purple team experience is a plus Experience with payload crafting is a plus (C++/C#, Win32 API, AV/EDR evasion, etc.) Proven skillset through relevant certifications and courses (CRTP, CRTE, PACES, CRTO, OSEP, OSCE, etc.) Positive, team and mission-oriented attitude Excellent communication skills, both verbal and written (English required, Dutch or French desired) Benefits At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components: A training budget of 10.000€ and 10 days every 2 years Company car and Belgian fuel card Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (BlackHat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical security certifications (GSE, GXPN, GREM, GCFA, OSCP, etc) An entrepreneurial and agile working environment, where you will be challenged, stimulated and supported in driving new initiatives (either through internal innovation or by improving our service offering), without losing sight of having fun Regular team-building and fun events with legendary off-site events once a year. The location of the next team building is one of the most closely guarded secrets at NVISO… We can however disclose that we’ve visited Lisbon, Dubai, Malta and Lapland over the past few years; Our commitment to coach and counsel you and help you grow; each employee receives a personal coach within the team, whose role is to ensure your well-being and helps you grow in your career Flexible working hours, working from home and even the possibility to work from abroad; Flex Income Plan 32 paid leave days IF YOU'RE INTERESTED, PLEASE SEND US YOUR APPLICATION WE'RE LOOKING FORWARD TO MEETING YOUWe are a young team of cyber security professionals who decided to do things differently. With innovation rooted in our foundations, we offer services that are up against the modern adversary and that help you Prevent, Detect & Respond to cyber attacks. Curious for more? Say hello and meet the team