Penetration Tester
URGENT C004565, Penetration Tester
The individual will be responsible for:
- Leading and/or participating in Red/Blue Team activities during NATO military exercises
- Conducting penetration testing across:
- Web applications
- IT infrastructure
- Applications
- Performing security design reviews to ensure compliance with NATO policies and directives
- Providing security consultancy and advisory services to projects and operational entities
- Maintaining effective communication with stakeholders, including:
- NCIA Configuration Control Board
- Security Accreditation Boards
- NATO Security Accreditation Authorities
- NCI Agency organizational units
- Delivering briefings at executive and technical levels, including to senior leadership (flag officer level)
- Collaborating closely with the Head of the Penetration Testing Cell and coordinating with internal and external stakeholders
The candidate must have extensive experience (3 years) in:
Technical Skills
- Web application penetration testing
- IT infrastructure penetration testing
- Network security architecture design
- Identifying vulnerabilities in:
- Operating systems
- Software
- Protocols
- Networks
- Researching and evaluating security tools and technologies
Systems & Tools
- System and network administration (UNIX & Windows)
- Penetration testing tools, techniques, and methodologies
- Scripting in at least one language:
- Python, Perl, Ruby, or Shell (bash, ksh, csh)
Security Knowledge
- System and network security
- Authentication and security protocols
- Cryptography
- Application security
- Malware techniques and protection mechanisms
Analytical & Reporting Skills
- Ability to assess risks and develop mitigation strategies
- Strong technical writing skills, including:
- Executive summaries
- Technical findings
- Remediation plans
- Ability to communicate effectively with both technical and non-technical audiences