Security Testing SpecialistSee all recent Jobs

We are currently seeking a talented Security Testing Specialist on behalf of a major European Union body.

Location: Luxembourg

Mode of working: on-site

Languages: very good knowledge of English and French

Responsibilities:

• Analysis of documentation (both from the project and generated internally) and code and other information, also but not only with tools, preparation and execution of penetration testing, and analysis and assessment of the results
• Depending on the processes and procedures of the Contracting Authority, coordinate inside the team and with project and application teams, organizing technical meetings to elicit information, escalating to the responsible team leader and/or the statutory staff responsible if necessary
• Provide as needed, required and possible, following its processes and procedures, relevant technical security input, also based on specific experience in the environment of the organization, to activities like e.g. technical evolution and maintenance in operations of platform used for the security checks, DevSecOps
• Assess the findings, also during the process, alerting immediately the responsible team leader and/or the statutory staff directly responsible, when that may be necessary following the processes and procedures
• Prepare reports on the results of the technical security analysis and assessment, and communicate them to statutory staff responsible according to the processes and procedures
• Report to the specifically assigned Team Leader and the statutory staff responsible on possible technical challenges, actual and future, for the work of the team, and contribute as and if needed to their analysis, and to proposals to address them
• Should the processes and procedures of the organization foresee the possibility of other type of exercises with more reduce scope and/or as follow-up, do them and provide the necessary reporting
• Participate in meetings as required, at the start of, end of, and eventually during the security testing process
• Ensuring that all activities and duties comply fully with regulatory requirements, including the Group Anti-Bribery and Corruption Policy

Requirements

• University degree in Computer Science, Engineering, or a relevant discipline
• Minimum 3 years of experience in the IT field as developer and/or in roles with technical security responsibilities
• Excellent experience with application testing with a white-box approach
• Experience in implementation of security measures and/or security auditing
• Experience in activities and environments requiring to work with sensitive information, with different information labels and handling rules
• Experience in analysis and in redaction of documents for, and contacts with, technical and non-technical people (advantageous if in a context of security)
• Good knowledge of security and vulnerability management practices, preferably including relevant framework, best practices and standards (e.g. NIST SP800, ISO 27001, OWASP, hardening guidelines)
• Good general ICT knowledge, e.g. networking, operating system, firewalls, web applications servers, programming and code quality tools, virtualization, runtimes
• Good knowledge of vulnerability and security analysis tools and platforms (e.g. Nessus, Burp, Kali-Linux)
• Good knowledge of development practices and knowledge of secure coding
• Understanding of cloud services, and of the different types and configuration of “cloud” services and applications potentially involving or not “cloud”
• Understanding of good design principles for distributed architecture using services
• Certification according to CEH, or equivalent certification is required
• Very good knowledge of English (Level C1) or very good knowledge of French (Level C1). Knowledge of both languages, one at C1 level and the other at B2 level in any configuration, is required

Benefits:

• Competitive remuneration package
• Private Insurance
• A dynamic challenging environment resulting in continuous learning / education / progression
• Ability to work with cutting edge technologies
• Pleasant working environment
• Ability to expand knowledge and responsibilities

UpcoMinds is a dynamic IT company with 29 years of experience that provides end-to-end web and mobile solutions helping businesses to reinvent themselves in the digital world. Our team’s skills and expertise will ensure the holistic digital transformation of any organization, which will considerably improve both business operations and customer’s experience.

Our goal is to always have our end products and services reflect our deep engineering skills and elegant progressive design aesthetic. We fundamentally believe deeply in developing long term strategic partnerships with our clients by exceeding expectations and maintaining a high level of transparency.

Find out more about us at www.upcominds.com

We commit to promote Inclusion & Diversity by creating a working environment where all employees are treated with dignity and respect and where individual differences are valued. We offer equal opportunity in all aspects of employment.

Our recruitment consultants will go through your Curriculum Vitae as soon as possible and get back to you to discuss the opportunity for which you apply. If you don’t hear from us in the coming ten (10) working days, you may consider that you have not been selected for the particular job.

By submitting your CV, you consent to its retention in our database for a period of two (2) years, for the purpose of considering your application for current or future employment opportunities, in accordance with applicable data protection legislation GDPR.