Hybrid Cybersecurity Penetration Tester – InfoSec

Über das Unternehmen

Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax, and related services. With a globally connected network of member firms in more than 150 countries and territories, Deloitte serves four out of five Fortune Global 500® companies. In Austria, Deloitte helps clients become leaders wherever they choose to compete. Our Cyber team is dedicated to safeguarding our clients‘ digital assets and fostering a secure environment for our clients and ourselves.

Stellenbeschreibung

We are seeking a highly motivated and skilled Hybrid Cybersecurity Penetration Tester to join our dynamic InfoSec team in Vösendorf. In this role, you will be instrumental in identifying vulnerabilities in our clients‘ systems, applications, and networks through comprehensive penetration testing. You will collaborate closely with development and operations teams to recommend and implement robust security solutions, helping to protect critical data and infrastructure. This position requires a proactive approach, strong analytical skills, and a deep understanding of modern cybersecurity threats and attack vectors. You will be expected to stay current with the latest security trends, tools, and methodologies, contributing to our continuous improvement in defensive strategies. The hybrid model offers flexibility, balancing on-site collaboration with remote work.

Hauptverantwortlichkeiten

• Conduct comprehensive penetration tests on web applications, mobile applications, network infrastructure, and cloud environments.
• Identify, analyze, and document security vulnerabilities and weaknesses.
• Develop clear, concise, and actionable recommendations for remediation.
• Present findings and recommendations to technical and non-technical stakeholders.
• Collaborate with development and operations teams to ensure effective vulnerability remediation.
• Participate in security reviews, threat modeling, and risk assessments.
• Contribute to the enhancement of penetration testing methodologies, tools, and processes.
• Stay abreast of the latest security trends, attack techniques, and industry best practices.

Erforderliche Fähigkeiten

• Proven experience in conducting penetration tests against various targets (web, mobile, network, cloud).
• Strong understanding of common security vulnerabilities (OWASP Top 10, SANS Top 25).
• Proficiency with penetration testing tools (e.g., Burp Suite, Nmap, Metasploit, Nessus).
• Solid knowledge of network protocols, operating systems (Windows, Linux), and scripting languages (Python, PowerShell, Bash).
• Familiarity with various attack vectors and exploitation techniques.
• Excellent written and verbal communication skills in English.
• Ability to work independently and as part of a team.

Bevorzugte Qualifikationen

• Relevant certifications (e.g., OSCP, CEH, GPEN, eJPT).
• Experience with cloud security assessments (AWS, Azure, GCP).
• Knowledge of secure coding principles and practices.
• Familiarity with compliance frameworks (GDPR, ISO 27001).
• Experience in social engineering assessments.
• German language proficiency.

Vorteile & Zusatzleistungen

• Competitive salary and performance-based bonuses.
• Comprehensive health and wellness programs.
• Extensive professional development and training opportunities.
• Generous paid time off and flexible working arrangements (hybrid model).
• Access to cutting-edge tools and technologies.
• Collaborative and inclusive work environment.
• Employee assistance program.
• Company events and team-building activities.

Jetzt bewerben