Beschreibung
Penetration Tester Product Cybersecurity Team- C#/ SAST / Malware / OWASP / PythonProject / Role:
For our partner Roche Diagnostics in Rotkreuz we are looking for a highly motivated and qualified Penetration Tester Product Cybersecurity Team
Background
The Roche Diagnostics Product Cybersecurity Team is supporting project teams in all information and cybersecurity matters. We are looking to extend the team's capabilities in penetration testing and assessing of Roche products and applications. The penetration tester will be continuously assessing the vulnerabilities and compliance of critical medical devices, middleware, web/cloud applications and remote service infrastructure.
Tasks & Responsibilities
* Plan and coordinate penetration testing activities with project teams
* Execute penetration test and compliance assessments of Roche products and web applications
* Contribute to the development of the penetration testing and incident response programs
* Identify gaps in the hardening of applications and products and propose mitigation controls collaborating with project teams
* Develop in-depth threat models considering target attacks to the application and product
* Perform code and software design auditing for security flaws
* Identify and handle security incidents and execute forensic tasks
* Develop, maintain and continuously optimize tools and templates for Security Testing with penetration testing tools, like Kali Linux, Nessus and others
Additional tasks
* Drive Innovations for Product Cyber Security and bring passion to collaborate with other departments and teams across the Division
* Support vulnerability assessments and incident response activities
* Drive implementation of modern security monitoring and endpoint protection technologies in Roche products
Must Haves
* 3- 4y proven experience with penetration testing
* Extensive experience auditing software codes (C#, .NET, Python, Javascript), features, and system designs
* Experience on threat modelling
* Deep knowledge of SAST, DAST and IAST tools
* Good knowledge of MITRE Attack, Kill Chain Analysis, Malware reversing, SIEM operations etc.
* Knowledge of industry best practice and standards: OWASP, NIST, ISO27000 series
* Strong communication skills in English language, both written and spoken.
Nice to Haves
* Knowledge of GDPR, HIPAA regulations
* Developing experience (Python, Shell scripting)
* Certifications: OSCP or equivalent
* German language
Reference No.: 919827SGR
Role: Penetration Tester Product Cybersecurity Team
Industry: Pharma
Location: Rotkreuz
Workload: 60-100%
Start: 04.01.2021
Duration: 12++
Should you find yourself suitable for this position then please send us your complete CV using the link in this advert. If the position is not a perfect match and you wish to receive other opportunities directly, you can send us your CV anyway via this advert or to jobs[at]itcag[dot]com.
Contact us for further information regarding our company, our positions or our attractive payroll-only-program: .
About us:
ITech Consult is a certified ISO 9001:2015 Swiss company with offices also located in Germany and Ireland. ITech Consult is specialised in delivering IT candidates for contract work. We were founded in 1997 by IT professionals; hence we well understand what it means to be professionally supported in your search for a new project and being employed.