InfoSec Engineer Offensive Security

International Tobacco Company | InfoSec Engineer Offensive Security | Final Client
Hays Technology is currently looking for a InfoSec Engineer Offensive Security!

The company you're going to work for
Integrate an international company, one of the world’s leading international tobacco companies, headquartered in New York City. Nowadays, their biggest mission is replacing smoking cigarettes with smoke-free products. For this, this company have been developing alternatives and building software solutions that will interface with end customers and support the development, production and user experience of our products.

Your new role
• Identify cybersecurity vulnerabilities in PMI applications and systems using a wide variety of methods, e.g. static code analysis, dynamic/interactive testing, manual penetration testing and code review
• Describe identified issues in the form of reports and ensure that relevant stakeholders understand the risk that those vulnerabilities pose to the Company
• Analyze the scope, methodology and results of ethical hacking activities performed by third parties around the presence of vulnerabilities in systems used or to be used by PMI
• Follow up with third parties on any inconsistency and ambiguity in the reports to have a reasonable level of assurance over security testing deliverables provided by vendors
• Advise IT teams on how to replicate identified cybersecurity issues and remediate them in the most effective and cost-efficient way
• Partner with other Information Security leaders to ensure that PMI follows best practices in the application security testing domain by continuously optimizing tools, techniques and methodologies
• Keep up to date with the constantly evolving cyber threat landscape and the latest developments in ethical hacking techniques

What do you need to succeed

• Minimum 4 years of experience in ethical hacking/penetration testing/vulnerability assessment/read teaming, preferably in professional services or consulting companies
• Professional certifications in ethical hacking (e.g. OSCP, GIAC Penetration Tester, GIAC Web Application Penetration Tester, GIAC Mobile Device Security Analyst)
• Proven track record in performing web, mobile and thick client application security testing using well-known methodologies (OWASP, OSMMT or CREST) and techniques (SAST, DAST, IAST, SCA)
• Experience in IoT solutions security assessment and penetration testing
• Experience in large scale Red Teaming exercises
• Demonstrated experience with both automated and manual penetration testing using open source and/or commercial tools
• Experience with cloud environments
• Knowledge of common web and mobile technologies (e.g. ASP.NET, C#, Java, JavaScript, Ruby, Python)
• Strong understanding of modern application architectures including microservices, containers, APIs and serverless technologies
• Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10
• Considerable technical writing proficiency and oral presentation skills, in English
• Practical experience in Agile/DevOps organizations and cultures

What the company can offer you

This company will give you the opportunity to pursue your ambitions and develop your skills, providing constant training so you can build a successfully international career. You will integrate an ambitious and unique projects related to smoke-free choices and have the chance to work with modern tools and cutting-edge technologies in the industry. Integrating this team will be an opportunity of being part of a growing team in a leading company with an Agile and collaborative environment, where everyone’s contribution is respected.

Next step
If you are interested in this opportunity, click on “Apply Now” to forward us your updated CV. In case this is not the opportunity you are looking for, contact us to talk about other career opportunities, always in a confidential mode.

I am a Recruitment Consultant at Hays Technology, specialized in recruiting for Cybersecurity in Lisbon. I help professionals in this area develop their careers and ensure organisations are supported by the best talent.

At Hays Technology, we are shaping the future of recruitment. Data security and impenetrable protection for Cloud operating models are a priority in every company and business. We are surrounded by local and global projects and with markets in considerable change and in that sense we are in contact with the best professionals in this sector. If you are recruiting for your team or looking to take the next step in your Cybersecurity career, talk to us today. We are Hays Technology.

Klikněte zde pro přístup k zásadám o ochraně osobních údajů Hays. Zde získáte detailní informace o tom, jak používáme a chráníme vaše osobní data a jaká jsou vaše související práva.


Typ úvazku
Hlavní PP
Tecnologia e Internet
Cyber Security
Attractive Salary

Spojit se s konzultantem

Kontaktní osoba: Patricia Horta, odborný konzultant spravující tuto pozici, Pobočka: Lisboa
Avenida da República, 90, 1º, Andar, Fracção 4

Telefon: 21 782 6560