You want to join Excellium because…
You are curious, motivated, and passionate!
Integrated within dynamic and passionate teams, as our new Penetration Tester with Application and Infrastructure security skills, you will have the opportunity to fully invest yourself, innovate and create from the latest technologies. You will quickly find your place at Excellium. In order to understand our business, the challenges of our customers and to support them we regularly organize meetings, workshops and training. We will thus help you level up your skills and position you on stimulating projects adapted to your profile and enabling you to surpass yourself.
Your team as Penetration Tester :
Excellium is looking for a Penetration Tester to join the Intrusion and Application Security (IAS) Department based in Luxembourg. With more than 160 engagements performed in 2020 despite the pandemic, the IAS department is one of the largest offensive team in Luxembourg. The department has two practices where consultants specialize in either Application Security or Intrusion activities.
Your mission as Penetration Tester :
As a member of the Intrusion practice, you conduct different types of offensive engagements such as external, internal, and remote access penetration tests, OSINT, spear phishing, social engineering, and Red Team engagements.
In addition to fulfilling the engagement, you provide Excellium’s clients with your offensive perspective to guide them towards realistic remediation plans depending on their maturity and size.
Your previous experience is an asset to lead the research and development in the security areas where your competencies shine. You are able to coach, mentor and train other members, but also helping to recruit new members to sustain the team expansion.
By joining the IAS department, you are able to improve your technical skills, via internal sharing, training and participation to conferences. You are also directly influencing the catalog of services, to ensure that mission delivered always reflects the latest threat model.
A consultant is expected to demonstrate experience in over 5+ areas of expertise. For this position, the following skill areas judged as essentials are listed below.
As a Penetration Tester with Application and Infrastructure security skills you have :
- Network infrastructure penetration testing
- Windows and Linux operating systems penetration testing
- Proficiency in Active Directory concepts, terminology, and typical abuse
- Remote Access and thin client solutions (VPN, Citrix)
- Wireless penetration testing
- Spear phishing
- Defense evasion
In addition, it is expected for the candidate to have :
- Proven consultancy experience with a client-first mindset
- Previous experience of penetration test team lead
- Excellent spoken and written communication skills, as explaining a vulnerability is just as important as finding it! Languages: English (Mandatory), Dutch (Mandatory) and French (Preferred)
- Ability to work both autonomously and in peer
- Ability to support presale activities (qualification and scoping of client needs)
- GIAC or Offensive Security certifications (GPEN, OSCP, OSEP, OSWP, OSCE, OSED, OSCEE…)
- Proficiency with one C2 framework, such as Cobalt Strike, Metasploit or Covenant
- Proficiency in at least one scripting and coding language
You are a big enthusiast of IT security, you are curious and on the lookout for the latest news, security holes and technological advances, then apply !
Contract: Full time
- BELGIUM : Belgicastraat 13 B-1930 Zaventem, Belgium
- LUXEMBOURG : 5 rue Goell L-5326 Contern, Luxembourg
“Your personal data will be kept for a period not exceeding 3 months. If you agree, your personal data will be kept for up to 12 months for potential future job offers. “
WHO WE ARE?
Joining Excellium Services is about having the possibility to fully invest yourself, innovate and create from the latest technologies.
Our team is dynamic with accessible managing partners and involved cyber soldiers.
It is about joining a family with more than 100 direct & passionate employees.
Last but not least! This is also about having the chance to level up your skills in:
- Hybrid Cloud,
- Managed Security Services,
- Network Security
- Application Security.
We will help you develop your knowledge. Do not wait any further.