SGS Brightsight provides clients with security certification on products and systems. Our job is to ensure the security functionality and robustness of the design within a product and its connected systems. The Senior Penetration Tester will lead security assessment and evaluation projects, conduct tests and advice others how to conduct tests to evaluate security vulnerabilities in applications, IoT devices and networks. The role includes the responsibility over the test environment and test procedures.

The Penetration Tester will conduct tests to evaluate security vulnerabilities in applications, IoT devices and networks. Your job will be to find weaknesses and assess their severity.

More specifically, you will:

• Test the vulnerability of the connectivity layer on electronic products and systems;
• Perform network, web and mobile penetration testing;
• Conduct source code reviews, threat analysis and wireless network assessments;
• Develop scripts, tools or methodologies to facilitate customized testing 

• Educated to degree level in disciplines such as Microelectronics, Physics, Computer Science, Information Technology or a relevant subject; 
• OSCP or GPEN certified
• Experience with Acunetix, OpenVAS or Nessus;
• Experience with Kali Linux and its tools;
• Experience with OWASP and similar methodologies;
• Background of conducting pen tests on enterprise networks and environments, web application and IoT devices advantageous; 
• Protocol and interface fuzzing knowledge;
• Background with testing standards like Common Criteria or UL 290 and conducting cybersecurity assessment and audits.

This position will be based at our lab in Graz.