EY Pentester - Lisboa/Porto 

Portugal, Lisbon 

984174050

Your key responsibilities

• Vulnerability management and assessment;
• Perform penetration testing on IT Infrastructure, Web, Application and Mobile;
• Planning and execution of intrusion tests;
• Hardening of high management solutions;
• Vulnerability Scanning platform management;
• Reporting;
• Issuancing of technical opinions and improvement proposals for risk mitigation;
• Updating general documentation;
• Establishing professional and trust relationships with clients and staff, contributing to a flexible, stable, and team-oriented working culture;
• Acting as mentor and coach to the junior members of the team and leading by example.

Skills and attributes for success

• A strong work ethic;
• Strong analytical and problem-solving skills;
• High communication skills;
• Flexibility and resilience;
• Rigor and attention to detail;
• Professional responsibility, confidentiality and integrity;
• Efficient, innovative and team-oriented work environment;
• Dedicated, innovative, resourceful, and able to work under pressure.

To qualify for the role, the candidate must have

• Bachelor’s degree in Computer Engineering or other related;
• 2+ years of experience in Consulting and/or High-Tech industry;
• 2+ years of professional experience in Pentesting area, Red Team Penetration testing, in a consulting environment;
• Knowledge of Cyber Attack Frameworks, such as Mitre Att&ck and Cyber Kill Chain;
• Experience in Threat Hunting;
• Experience in code development and/or review: C#, C/C++, VB.NET, ASP, PHP, Powershell, Python or Java;
• Awareness and experience developing threat intelligence reports;
• Understanding the data flows of application and network components (SMTP, LDAP, Database servers);
• Knowledge about OWASP and CWE / SANS classification systems;
• Experience in systems security assessments and security design reviews;
• Knowledge of Linux, Tenable, Qualys and Kubernetes;
• Fluent written and verbal communication skills in both Portuguese and English.

Ideally, the candidate also have:

• Other certifications: GPEN, CEH, CompTIA Pentest +;
• Knowledge of Audit and Risk standards: ISO27k1, ISO27k5, ITIL;
• OSCP (Offensive security certified professional) and/or CCNA R&S certifications;
• Experience with Microsegmentation is a plus;
• Experience in Incident Management is a plus.
  

An effective communicator and you’ll be a confident team player equipped with strong people management skills; Creative, proactive, a team player, and able to work under pressure. It’s important to have a strategically focused mindset and the ability to deliver multiple projects and present information in a clear and concise manner. Business mindset and some commercial acumen. We value a strong work ethic, forward-thinking, and being a self-starter; If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Plus, we offer support and coaching, opportunities to develop new skills and progress your career, and the freedom and flexibility to handle your role in a way that’s right for you.
You’ll develop the mindset and skills to navigate whatever comes next.
We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
We’ll give you the insights, coaching and confidence to be the leader the world needs.
You’ll be embraced for who you are and empowered to use your voice to help others find theirs.