Penetration tester back end infrastructure - eShard
Penetration tester backend / infrastructure
We are hiring!
eShard is a global, independent company with world-class expertise in security for embedded and mobile products (including embedded software security, Trusted Execution Environment, embedded cryptography attacks). Companies like Google, Visa, NXP and other leading vendors around the world trust in us, our solutions and services. eShard ambitions to be at the forefront in cyber-security, specialising in ICs, mobile apps and backend systems.
We have engaging/challenging projects in a supportive work environment centered around (facilitating) knowledge sharing in a team. As part of strengthening our technical team, we are looking for a self-motivated individual able to look after the design and performance of application security robustness tests.
Do you have experience in conducting in-depth security assessments and penetration testing of (web)-applications, and infrastructure? Are you ready to take part in an international, technically diverse and experienced team to help customers improve the security of their products? Are you looking for a challenging yet open and agile work environment?
This position is particularly dedicated to passionate penetration testers, keen to take the chance of growing and enhancing our penetration testing service in close cooperation with our Service Leader.
Your work and motivation will significantly contribute to eShard success.
Your day-to-day at eShard for this position
Our team of experts constantly work on various topics, such as hardware instrumentation, cryptography analysis, reverse engineering, and security in softwares etc. When they come to you in order to work on vulnerability assessment activities of complex applications, you jump into your role and conduct penetration testing. You like exchanging with the experts to see how our/eShard services can be improved to provide excellence towards our customers.
As part of our roadmap, you and the team will develop meaningful metrics to reflect the true security posture of the environment, allowing the customer to make educated decisions based on risk. For this, you closely work with the Service Leader who provides guidance and expertise to produce actionable penetration testing reports.
You act as a source of direction, training, and guidance for less experienced staff. You are in charge of designing tests to break into protected networks, systems and applications to look for vulnerabilities. During efficient and crisp meetings with the team, you look for ways to exploit vulnerabilities and design solutions to take remedial action. You are also responsible to do research with the aim to release Common Vulnerabilities and Exposure (CVE) & speak at work conferences.
You are in charge of developing tools, pentest processes and automating security testing on networks, systems and applications. In doing so, you also contribute to Open Source projects.
You will work remotely at the beginning of your employment, until we have established our office in Bonn, Germany. We suggest a regular presence in the office to bolster the team and facilitate face-to-face exchanges. As a global company with customers in region DACH and other places around the world, we are experienced in remote collaboration and communication across different time zones.
Within eShard, you are excited about developing your skills and knowledge in an international and highly dynamic technical environment.
What describes yourself includes:
- You have experience in penetration testing of:
- You have in-depth knowledge about API penetration testing and in-depth understanding of computer and information security systems and their operation
- You have OSCP/OSCE or other comparable certifications
- You have hands on experience with testing frameworks such as the PTES, mitre attack and OWASP
- You are experienced in report writing
- You love development in the following languages: Python
- You have good spoken and written communication to explain your methods to a technical and non-technical audience (German & English) to be able to support our German and English speaking customers
- You have the sense of attention to detail, to be able to plan and execute tests while considering client requirements
- You have the ability to think creatively and strategically to penetrate security systems
- You have good time management and organisational skills to meet client deadlines
- You have ethical integrity to be trusted with a high level of confidential information
- You have the ability to think laterally and ‘outside the box’
- You enjoy teamwork to support colleagues and share techniques
- You have exceptional analytical and problem-solving skills
- You work in a proactive manner and make sure that everyone is engaged and works well together. You take initiatives to make sure eShard core values are enforced and consistent with the different actions and to build a strong team spirit.
- Competitive compensation package
- Flexible working hours, remote-friendly environment
- Strong focus on personal development
- High performance office equipment
- Annual company outing plus snacks and drinks
- eShard is an ambitious internationally-focused company developing with a strong innovation path in cyber-security. A particular area of strength is the security expertise for embedded and mobile products (including embedded software security, Trusted Execution Environment, embedded cryptography attacks).
- Our highly educated R&D teams are continuously analyzing current and potential security threats; it enables us to be at the state of the art of attacks and protection or beyond it.
- We think that great software is important for security, that’s why we are selling high value software that is first in class.
- We help customers put the right amount of security in their product, and validate that with practical tests.
- Everyone working at eShard embodies our 4 values: Excellence, Trusted, Collaborative and Disruptive. Our corporate culture is highly technical, our organisation fairly flat and our mindset flexible.
- Our main office in Pessac, France has been around since 2015, but we have satellite offices in Marseille, Singapore and Germany.
- eShard provides an attractive remuneration package including an incentive plan and good health insurance.
Send your resume and motivation letter here