Whether we talk about IoT consumer products, automotive, medical devices, or industrial control systems, security of embedded systems is important and very often used in solutions, which combine devices, systems, infrastructure, web and mobile applications. Within this fast evolving landscape, Secura gets many customer requests to validate these solutions. Moreover, Secura is actively working on standardization of security assessments for these various industries.
What we are looking for:
In this context, we are looking for a (Senior) Security Specialist. As a Specialist you will perform the technical assessments of either embedded products, software or web/mobile applications, in line with the applicable security evaluation methodology. This can be either a “free-form” penetration test, or testing in line with the requirements of a specific standard or certification scheme. Direct interaction with the customer for the purpose of defining the assessment scope, as well as during the assessment execution is expected as well. Finally, the role will provide opportunities for security consultancy (technical topics) given to the customer, especially regarding the way in which they can address the security issues resulting from the conducted testing.
As a (Senior) Security Specialist you will:
- Perform the technical assessments for the targets in scope, in line with the agreed assessment methodology;
- Be a technical lead for performed technical assessments (especially for Senior role) ;
- Get involved in both technical (content specific) as well as management level discussions with external customers, in order to explain or support the execution of security assessment (and certification) projects;
- Report the results of the assessment, and directly interact with the customers in order to explain them the results of the assessment and way forward;
- Align with the customers for the purpose of understanding their needs in terms of testing;
- Provide consultancy for the customers, in order to address their security needs or findings;
- Support Secura’s Account Managers in the process of defining a lead, by providing the intended project approach and effort estimation;
- Support and execute allocated R&D projects;
- Contribute substantially to internal/external knowledge sharing via training courses, blog posts, articles, brochures, news items;
- Train and present for clients and internal;
- Perform tools and methods validation projects
and state results and their interpretations in a report.
What you need to have:
- A completed Bachelor’s or Master’s, in a relevant (technical) domain;
- 2-5 years of relevant working experience as a penetration tester (>5 years for a Senior position);
- Affinity and experience with testing of embedded devices: IoT, hardware, firmware and electronics;
- Experience with performing code reviews such as C, C#, C++, Python, PHP and preferably with low level languages ;
- A strong drive to understand the needs of the customers, and map them to possible offered services;
- Passion about maintaining and further developing the range of offered services;
- Customer oriented mentality, focused on delivering what it is expected in the required timeframe, while at the same time not cutting on the level of technical quality.
What would be nice to have:
- experience with testing of web and mobile applications, or a strong will to get training and develop in this area;
- experience with binary exploitation and reverse engineering ;
- any penetration testing certification
such as eWPT(x), eCPPT, OSCP, OSCE.
At Secura we have:
A different day every day. Together with a great passionate team, you will have the chance to further develop and expand your knowledge and expertise in security. Secura has a high focus on knowledge development, offering you training courses and stimulating to participation in R&D projects.
We reward experience when we see it and our salaries are therefor based on the knowledge you will bring to Secura. As we are a growing organization, you have the opportunity to really make a difference within Secura and grow with us. Secura employs a motivated and dedicated team, with offices in the two main technological centers of the Netherlands: Eindhoven and Amsterdam. This role can be fulfilled from both of these locations.
Are you the (Senior) Security Specialist we are looking for?We would like to receive your resume and motivation letter by e-mail at email@example.com. Do you have questions? Feel free to ask! Contact one of our Recruiters via telephone number +31 (0)88 888 31 00 or by e-mail firstname.lastname@example.org.
Pre-employment screening and assessments are part of the selection process. Social media screenings and declaration of good conduct are checked annually.