The two possible profiles we are looking for are
1. An experienced penetration tester who wants to become better in defensive security
2. An experienced “blue team” player who wants to improve his offensive security skills
Who you are:
1. At least 2 years of hands-on experience in the IT Security field
2. Experience in Pentesting, Ethical Hacking, Bug Bounties, Compliance Checks, Black/White/Grey-Box testing
3. Very good knowledge of a programming language (like Python)
4. Completed training as an IT specialist or a university degree in computer science is advantageous
5. Knowledge of AWS is an advantage
6. Fluent English: spoken and written
7. Nice to have: Ability to read and understand PHP, JavaScript
1. Relocation assistance.
2. Learning package (industry certificates).
3. Employee discount.
4. Free drinks and fresh fruit at the office every day.
5. Language courses.
1. Development and implementation of protective measures and security concepts.
2. Conducting regular security tests and code reviews with developers collectively.
3. Development of creative solutions and testing of new own tools.
4. Implement security measures for the AWS infrastructure and improve existing systems (e.g. Inspector, GuardDuty, WAF).
5. Optimization and automation of work processes.
6. Further development of our Security Information and Event Management (SIEM) system.
7. Incident Response and creation of Incident Response Plans.
Challenges for the coming months are e.g. the following areas:
1. Security of our AY Cloud Infrastructure: both blue team and red team activities are planned
2. Enhancement of our attack detection and mitigation capabilities
3. Continuous monitoring and continuous improvement of shop applications
4. Promote a risk-based approach