Senior penetration tester

Location: SGS Brightsight Cyberlab Graz

SGS Brightsight provides clients with security certification on products and systems. Our job is to ensure the security functionality and robustness of the design within a product and its connected systems. The Senior Penetration Tester will lead security assessment and evaluation projects, conduct tests and advice others how to conduct tests to evaluate security vulnerabilities in applications, IoT devices and networks. The role includes the responsibility over the test environment and test procedures.

You will:

·  Lead security assessment and penetration tests

·  Lead others performing penetration tests

·  Develop and maintain the test environment and procedures

·  Perform penetration tests on electronic products and systems

·  Perform threat modelling and risk assessments

·  Engage with customers and present results

Required skills

You have a background of the following:

·  OSCP or GPEN certified

·  Experience with Acunetix, OpenVAS or Nessus

·  Experience with Kali Linux and its tools

·  Experience with OWASP and similar methodologies

·  Threat modelling and risk assessments

·  Penetration testing of enterprise networks and environments

·  Penetration testing of web applications

·  Penetration testing of IoT devices

·  Protocol and interface fuzzing

·  Background with testing standards like Common Criteria or UL 2900

·  Conducting cybersecurity assessment and audits.


You are:

·  Curious about new technologies and other cybersecurity domains;

·  Willing to self-study and participate in certification programs.


An academic background in disciplines such as microelectronics, physics, computer science or information technology is useful but can also be replaced by practical and proven experience.