Wat ga je doen
As a Security Analyst you will be performing security penetration testing on applications and IT infrastructure. Apart from this, you will be working in the Security Operations Center handling complex security incidents and ensure that appropriate countermeasures are taken in a timely manner.
Roles and Responsibilities
- Execute engagements in application security assessments, infrastructure security Penetration Testing, and Vulnerability Assessment on IT infrastructure.
- Profile an application, identifying threats, and developing test cases to target identified threats.
- Identify and exploit vulnerabilities in applications and infrastructure.
- Prepare reports documenting identified issues based on guidelines and industry standards.
- Interact with business in a collaborative consultative manner to deliver results, provide feedback and remediation recommendations on findings.
- Act as a consultant/advisor in presenting risk and mitigation controls to the business based on the assessments (Identify potential vulnerabilities based on misconfiguration, policy, or design flaws on the organization's IT applications and infrastructure.)
- Perform validation on Responsible Disclosures and provide remediation recommendations to business and development teams to mitigate vulnerabilities.
- Apart from these responsibilities, the analyst will be working on various technologies in the Security Operations Center like Endpoint Detection and Response, SIEM solutions, threat intelligence etc.
Wat vragen we van jou
As a Security Analyst you should be innovative, independent and a critical thinker. We expect you to be vigilant at all times so that you can prevent critical information from being stolen, damaged or compromised by hackers.
Desired Technical Experience
- A minimum of around 1 year of experience in security penetration testing.
- Experience on security testing using OWASP TOP 10, OSSTMM, SANS 25 standards as reference in Web Applications Security Assessments.
- Profiling applications, identifying threats, developing test cases and relevant threat models.
- Experience in exploitation of vulnerabilities in applications, networks and IT infrastructure.
- Experience in security testing of mobile applications/API’s of Android/iOS.
- Experience with tools like BurpSuite, Charles Proxy, OWASP Zap, Fiddler, Acunetix, NetSparker, Nessus, Nexpose, Wireshark, Nmap, etc.
- Experience on research of emerging security topics and new attack vectors.
- Knowledge on technologies like IPSEC, SSL, SSH, VPN, DNS, SMTP, FTP.
Skills and Ability
You are a real team player with good interpersonal skills. You should be a self starter who can work independent. You also hace excellent written and verbal communication skills.
Note: Pre-employment screening may be performed.
Wat bieden wij
In addition to a very nice job within a dynamic company, we of course offer you even more:
- A competitive salary
- A performance bonus of up to 8%
- A pass from ‘Shuttel’
- A cell phone and laptop
- 20 vacation days per year based on full-time employment
- An ‘individual choice budget’, consisting of: 8% holiday allowance, 13 extra-statutory leave days, € 300 gross employer contribution ONVZ (if applicable) and € 600 gross employer contribution private lease on an annual basis
- A good pension scheme from Pon
- The opportunity to influence your working hours, travel time and workplace by means of "Smart Working"
- The possibility to work on your development through our summer and winter labs, but also through training and following various courses
Participation in Pon Fit activities, such as bootcamps, running events, golf clinics, hockey, etc.
- The possibility to make use of the collective health insurance (ONVZ) (with discount)
- Staff discount on Pon's own products and services with a maximum of € 500 per year
Over de organisatie
Pon is an international trade and service organization with almost 13,000 employees spread over 450 offices in 32 countries and one of the largest family businesses in the Netherlands.
Information technology is becoming increasingly important to Pon. Pon IT’s vision is to create a highly dynamic environment in which people and their commitment and talent determine the correct use of information & technology, making our companies even more successful.
Partly due to the digitization of our business, information security is of great importance. At Pon it is our mission to provide all our products and services with the necessary security measures. In the unlikely event that something goes wrong, we will respond quickly and adequately.
Pon IT works for various Pon companies and provides expertise and services in the areas of cloud, network, collaboration, data analytics, information security and user support. Our ambition is to deliver a portfolio of digital services that enable our customers to innovate and make a difference for their customers. Our focus is to automate our processes where possible, which benefits the speed of our services.
- You will have two interviews with colleagues
- During these interviews we will discuss 1 or 2 cases to discuss your affinity and knowledge of ethical hacking and to see how you effectively solve problems
- After the two interviews you will discuss the employment conditions with HR
Do you have questions about the position or the expectations? Please contact Lars Drost: email@example.com.