Penetration Testing Execution: Provide comprehensive web application, IT infrastructure, and application-level testing (including COTS and GOTS software) using defined methodologies.
Vulnerability & Risk Analysis: Assess security vulnerabilities within operating systems, software, protocols, and networks; evaluate risks and formulate actionable mitigation plans.
Stakeholder Alignment: Lead and participate in kick-off meetings to define testing requirements, scope, and rules of engagement.
Reporting & Responsible Disclosure: Write high-quality, structured technical reports in English. Follow the Responsible Disclosure Process for newly detected COTS vulnerabilities with vendors.
Executive Briefings: Brief stakeholders, technical teams, and high-level leadership (up to flag officer level) on security findings and assessment outcomes.
Agile Sprint Delivery: Execute tasks and report outcomes within a 1-week sprint framework, tracking activities inside JIRA.
Skill, Knowledge & Experience: Education & Experience: Bachelor’s degree in an IT-heavy technical subject with 3 years of post-related experience. Alternatively, 10 years of extensive and progressive penetration testing experience can compensate for a degree.
Core Technical Expertise: Minimum 3 years of deep experience in web application and infrastructure penetration testing, network security architecture design, and UNIX/Windows system administration.
Tooling & Scripting: Strong proficiency with industry-recognized penetration testing tools and scripting skills in at least one language (Python, Go, PowerShell, or Shell).
Advanced Security Concepts: Solid understanding of authentication protocols, cryptography, application security, malware infection techniques, and defensive technologies.
Desirable Certifications: Professional certifications such as OSCP, OSCE, OSWE, GPEN, CREST Certified Web Application Tester, GXPN, or GWAPT.
Language & Environment: Thorough proficiency in English is required. Prior experience in an international military/civilian environment or knowledge of NATO structures is highly beneficial.
Security Clearance: Must possess a valid, active NATO Secret security clearance.
#J-18808-Ljbffr