Penetration Test

Penetration Test urgently required for interesting contract in the Netherlands, Amsterdam

The Penetration Test will be Responsible for the following:

* Primary responsibility to provide internal and external network penetration testing, create actionable reporting based on findings, application testing, including black-, grey-, White Box, code reviews.
* Further you will advise in secure software development, secure architecture and design, development standards for new technologies and applications and improve the automation of security tooling.
* Additionally you will support with pre intakes/technical intakes, development of security solutions and services, leveraging a robust technology portfolio, to address complex industry recognized information security trends and challenges faced by our respective clients.
* Assist with security support of the delivery of consumer grade products and services.

The Ppenetration Test will ideally have the following skills and expertise:

* Minimum 5 years penetration testing experience, with significant experience outside web applications (mobile, Mainframe, infrastructure, networks, fat-client) testing.
* Experience with OWASP testing Guide/Open Source Security Testing Methodology Manual
* Fluent in creating software in at least 1 programming language.
* Expert with common web application penetration testing tools including, but not limited to Burp, Fiddler, OWASP Zap, BeEF, and at least one commercial solution (WebInspect, AppScan, or similar).
* Experience deploying enterprise security testing solutions.
* Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
* Experience with testing automation suites such as Selenium or UFT.
* Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificate pinning.
* Technical depth in many, if not most of the following areas: LAMP stack, Node.js, Scala/Java, iOS, Android OS, Windows Mobile, web services.
* Knowledge of networking protocols, the network stack and DDoS attacks and defenses.
* Experience with Secure Development Lifecycle practices and Agile development.
* Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired.
* Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
* Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.
* A fun and positive attitude!

Duration: 6-12months + extension
Location: Amsterdam
Rate: Market rate