Penetration test – Rome

Introduction

We are looking for a Penetration Tester for our client based in Rome

Organization

Belgium – International Organisations

Function

The Consultancy services is expected to be delivered in 2 parts:

Part I: penetration test on scope 1

Part II: penetration test:

  • re test on scope 1 after mitigation by the client team
  • penetration test on scope 2 (additional scope)

Part III: penetration test – re test after mitigation by the client team on scope 1 and 2

Both parts have to be structured in the following steps:

1. Penetration test on the infrastructure in scope, with a white box testing approach: the client willprovide the tester with:

  • web application and web services endpoints
  • information on the infrastructure so to maximize the tested attack surface
  • application credentials for each endpoint that requires it

2. Hands-on penetration test on a live instance of the application in scope, with different level ofaccess provided (unauthenticated, normal user, privileged user).

3. Follow-up testing on mitigation actions.

For each of those parts, during field-work (remote or onsite), the consultant should deliver a daily statusreport, that comprises at least of:

  • Carried out activities
  • Results
  • Road-blocks

At the end of each penetration test (part 1 and part 2), and within one week, the consultant has to delivera final report with technical analysis (including risk rating) and remedial recommendations for eachdiscovered weakness.

Requirements

All consultants should have demonstrable analytical skills, knowledge and experience required to perform the ICP penetration test.

All consultants should have more than 5 years of experience in penetration testing and/or technicalsecurity reviews.

All consultant should have experience in pentesting critical web applications (e-banking, financial systems)for global organizations.

It is desirable that consultants are certified security professional.

All consultants must have excellent English communication skills and the ability to communicate thespecified solution back to the client as well as the technical/development and network infrastructureteams

Information

Aleksandar Vasev +353 1 254 9727

Application

Aleksandar Vasev
+353 1 254 9727
[email protected]

Our values

We do not only have a set of value that guide our daily choices, but they are really embedded in our DNA. We call it WESTPOLE MENTALITY. Our culture respects individuality and growth for each employee, and if you join our family you will be in contact every day with our values, which represent the way we face our daily challenges.