Penetration Tester - Ethical Hacker | Network & Cloud | Senior - (Slovakia based role only, up to 80% remote working)
Are you tired from hacking the same network every single day for the past year? Come and join us in hunting vulnerabilities in highly dynamic environment. Hundreds of projects are waiting for you. Together we will shape cybersecurity for healthcare. You can join our team in Bratislava, Zilina or Kosice.
Your tasks will be the following:• Execute penetration tests and security assessments on internal and external networks, Windows and Linux environments, cloud (AWS and Azure) architecture, IoT devices, and more. • Identify and exploit incorrect configurations and security vulnerabilities on Windows and Linux servers. • Safely utilize tools, tactics, and procedures used in penetration testing engagements. • Perform worst-case scenarios modelling and scope creation, as well as execute relevant tests based upon the results. • Write & present comprehensive and accurate reports for both technical and executive audiences. • Provide technical guidance for remediation of findings. • Develop scripts, tools, or methodologies to enhance penetration testing processes. • Lead penetration testing projects, supervise junior and medior colleagues. • Black box and white box penetration testing • Hacking into authorized customer systems, obtaining a foothold, pivoting to other relevant systems, and obtaining important data for exfiltration. What are we expecting? Education
Master's degree in Computer Science (or related field) or equivalent work experience in the relevant field.Language
English – advanced.Professional skills
• 5+ years of experience in an offensive security specialty.
An expert level of knowledge is required in the following areas:
- • Port scanners, vulnerability scanners, exploitation frameworks.
- • Networking and network protocols.
- • Enumeration techniques.
- • Active Directory.
- • Cloud (Azure and AWS).
A good understanding of the following concepts is expected:
- • Windows and Linux access controls, administration and user management.
- • Authentication and Authorization models.
- • Web server administration and architectonic concepts.
- • Penetration testing processes, procedures and reporting requirements.
- • Post exploitation techniques.
- • Experience with security concepts of databases (MS SQL, Oracle DB, PostgreSQL, MySQL).
The candidate is expected to have a basic understanding of the following concepts:
- • Application development.
- • Java/C#/Python/C programming.
- • Web penetration testing (OWASP).
- • Automatic vulnerability scanners.
• Work experience in other IT fields (system administrator, network security, security auditor, cloud security etc.)
• Work experience in leading penetration testing teams and projects
• Mindset to explain vulnerabilities to non-technical people
• Certifications such as OSCP, OSCE, CISCO CCNA, CISCO CCNP, CREST CRT, GIAC (GXPN, GWAPT, GPEN, GMOB).
• Assigned CVE.
- • Bug bounty platforms & programs
- • SCRUM/KANBAN
- • LaTeX
- • CTF platforms (HackTheBox, TryHackMe, etc.)
What do we offer:
- Variable and Christmas bonus
· Hybrid type of work – combination of telework and work from office
· Flexible Working Hours
· Bridge days – free extra paid leave 6 days per year
· 3 sick days per year (no doctor’s permit needed)
· In case of sickness 100% salary reimbursement 20 days/ year, this includes max. 10 days/ year for of family care
· Additional pension plan
· 300 EUR for regeneration of work force via cafeteria system
· Wellbeing program – Psychological, Legal and Financial Councelling
· Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)
· Retention program (work anniversary, life anniversary, employee loans)
· Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
· Adjustable standing desk as a standard
· Participation on world famous IT conferences like Microsoft IGNITE for best employees
· Wide project portfolio in healthcare domain and job rotation within company (Cybersecurity, Artificial Intelligence, Healthcare IT services, …)
Basic wage component (gross) and other rewards: starting from 4000 EUR brutto /month + VAR*
*We are required by law to disclose basic wage component (minimum salary) for the advertised positions. We carefully consider your professional qualifications and experience in our compensation package and/or when offering you other positions.
Our goal is to pay our employee's fairly, with regard to the market situation and we are ready to welcome high-quality candidates in our team.
Organization: Siemens Healthineers
Company: Siemens Healthcare s.r.o.
Experience Level: Experienced Professional
Full / Part time: Full-time