Would you like to join the leading international intergovernmental organization? The Penetration Tester 3 is a senior cybersecurity specialist responsible for leading and executing advanced penetration testing, security design reviews, and consultancy to ensure compliance with NATO policies and directives. This role requires deep technical expertise in offensive and defensive security, strong stakeholder engagement, and the ability to brief at both executive and technical levels, including flag officer audiences.
Responsibilities
Lead and/or be part of the Red/Blue Team during NATO military exercises
Provide Web, infrastructure and application level penetration testing
Provide security design reviews to ensure compliance with NATO policies and directives
Provide security consultancy and advice to projects, plans, and other entities
Build and sustain effective communications with different stakeholders; specifically, the NCIA Configuration Control Board, Security Accreditation Boards, NATO Security Accreditation Authorities, and NCI Agency organization units supporting accreditation processes
Brief at both executive and technical levels on security reports and testing outcome, including at flag officer level
In co-ordination with the Head of the Penetration testing Cell, ensure proactive collaboration and coordination with internal and external stakeholders
Essential Qualifications & Experience
Web application penetration testing
IT infrastructure penetration testing
Network security architecture design
Assessing security vulnerabilities within OS, software, protocols & networks
Researching and evaluating security products & technologies
Knowledge in system and network administration of UNIX and Windows systems
Use of penetration testing tools, techniques, and recognized testing methodologies
Scripting skills in at least one of the following: Perl, Python, Ruby, shell (bash, ksh, csh)
Technical knowledge in system and network security, authentication and security protocols, cryptography, application security, as well as, malware infection techniques and protection technologies
Ability to evaluate risks and formulate mitigation plans
Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation plan for several different audiences
#J-18808-Ljbffr