We are hiring yet again - need a pentester

We are looking for a penetration tester again. The business has been growing steadily and we need more people.

So, desperately wanted an experienced pentester.

We will prefer somebody from Belgium or EU, but will consider applications from other countries if you have solid prior experience in penetration testing. We are located in Brussels, Belgium. The job is full time, mostly on customer sites in Belgium.

The job involves performing security testing, alone or in a team. We perform a wide variety of security tests, from web applications security to hardware hacking, from low-level network security testing to telephony and VoIP security. What kind of tests you will be involved in depends on your interests and skill set. Apart from testing, you will have to write project reports, and interact with the clients before, during and after the test execution. You might also have to develop tools or use and adapt tools developed by other team members. Some project management is also expected.

You will constantlly have the opportunity to work with new products and technologies, learn new tools and techniques and share the knowledge.

You get a competitive salary, a company car, laptop, cell phone subscription, Internet connection at home paid, home office compensation, rail pass, etc. The conditions are negotiable (see the previous job ad with regards to cream toffees).

We are looking for somebody with a solid background in IT security, ideally an experienced pentester. We would like to see:

  • In-depth knowledge of and interest in computer security. You are familiar with the concepts, tools and methods used in IT security and specifically in penetration testing. Most importantly, you love security, you enjoy hacking, when you figure out how to exploit some tricky bug you feel happy for the rest of the day.
  • Prior experience in penetration testing is a huge plus
  • Knowledge of web application technologies and web application security. Familiarity with web application testing tools, such as intercepting proxies, application vulnerability scanners, etc. You have used intercepting proxies, you can exploit an SQL injection manually or with a tool, you know why there is more to XSS than <script>alert(1);</script> (and you can write the that script-alert-script thingy without having to look up the syntax. I wish I was joking)
  • In-depth knowledge of TCP/IP and application-level protocols and their security concepts. I mean more than "what's the difference between TCP and UDP?" sort of questions.
  • Understanding of networking on link level is a plus
  • Knowledge of operating system security concepts (and if you understand the security architecture of iOS and Android and can explain the differences, we love you already)
  • Knowledge of mobile application security is a plus
  • Knowledge of voice technologies is a plus
  • Working knowlege of electronics is a plus
  • Ability to code and read other people's code. If you have done security source code reviews, that's great.
  • Ability to speak and write clearly in English is a requirement, knowledge of French and Dutch is a plus

    Send your CV to info@gremwell.com with [Job] in the subject.