This Job Vacancy has Expired!

Penetration Tester Product Cybersecurity Team

Coopers Group GmbH

Posted on Nov 19, 2020 by Coopers Group GmbH

Zug, Switzerland
IT
1 Jan 2021
Annual Salary
Contract/Project


For our Pharma Client in Kanton Zug, we are currently looking for a

Penetration Tester Product Cybersecurity Team

Location: Zug

Contract type: temporary contract

Start/Ende: 04/01/2020 - 31/12/2021

Workload: 60 - 100%

Background

The Diagnostics Product Cybersecurity Team is supporting project teams in all information and cybersecurity matters. We are looking to extend the team's capabilities in penetration testing and assessing of products and applications. The penetration tester will be continuously assessing the vulnerabilities and compliance of critical medical devices, Middleware, web/cloud applications and remote service infrastructure.

Tasks & Responsibilities

Plan and coordinate penetration testing activities with project teams
Execute penetration test and compliance assessments of products and web applications
Contribute to the development of the penetration testing and incident response programs
Identify gaps in the hardening of applications and products and propose mitigation controls collaborating with project teams
Develop in-depth threat models considering target attacks to the application and product
Perform code and software design auditing for security flaws
Identify and handle security incidents and execute forensic tasks
Develop, maintain and continuously optimize tools and templates for Security Testing with penetration testing tools, like Kali Linux, Nessus and others

Additional tasks

Drive Innovations for Product Cyber Security and bring passion to collaborate with other departments and teams across the Division
Support vulnerability assessments and incident response activities
Drive implementation of modern security monitoring and endpoint protection technologies in products

Must Haves

3- 4y proven experience with penetration testing
Extensive experience auditing software codes (C#, .NET, Python, Javascript), features, and system designs
Experience on threat modelling
Deep knowledge of SAST, DAST and IAST tools
Good knowledge of MITRE Attack, Kill Chain Analysis, Malware reversing, SIEM operations etc.
Knowledge of industry best practice and standards: OWASP, NIST, ISO27000 series

Nice to Haves

Knowledge of GDPR, HIPAA regulations
Developing experience (Python, Shell Scripting)
Certifications: OSCP or equivalent
German language




Reference: 1010318989

Set up alerts to get notified of new vacancies.