An International Cybersecurity Shared service center in Prague is looking for new colleagues into Penetration testing team. The Cybersecurity Shared service center serves both to Deutsche Telkom AG companies round the World and to their customers/clients. Services are provided from Prague or onsite, where onsite work does not exceed 20% time.
Senior position expects ability to all - plan, develop, execute tests and present penetration testing outputs.
Testing is always provided according to project needs (application and infrastructure), customer requirements and industry best practices.
Strong focus is set to ability to understand and identify vulnerabilities in complex enterprise ICT environment and the way, how they may affect both infrastructure and business of tested ecosystem. Therefore the both security and technology background is expected.
Optionally (in case if interest) could perform the role of trainer in the area of his expertise.
Act as a mentor to Junior colleagues in team
For any person applying for this position we expect a compliance with highest Cybersecurity ethical standards and very high reliability. In case of need, the application for official CZ/EU/NATO Security Clearance can be requested.
• Two years of working experience in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)
• Willingness to travel
• Working knowledge of Security principles, techniques and technologies
• Basic knowledge of security concepts and risk control
• Good understanding of technology, network protocols, design and operations
• Basic Understanding of Legal and privacy issues related to penetration testing
• Valid CEH certification
equal knowledge including binding commitment to pass the CEH exam and apply for certification till the end of probation period
• Fluent English (both spoken and written) at level guaranteeing successful presentation to management level
• Bachelor or higher degree from technical /economical/math university
• Any cybersecurity related certifications (Security+, CISSP, CISM, CISA, CGEIT, CRISC) or the equal knowledge ready to pass exam
• Any working experience in technical non-security IT area is welcome
• Vulnerability and threat management experience
• Experience with various security tools and products (Fortify, AppScan, etc…)
• Good understanding of the components of a secure DLC/SDLC
• Vulnerability analysis and application reversing skills
• Understanding of cryptography principles
• EU citizenship
• Any additional language is welcome: Czech, German, Spanish, Italian, Portugal, French