DIESEC™, a brand of Dietzel & Company GmbH, provides competent consultancy on governance, compliance, risk management and structured implementation of IT security.
The complexity, requirements and tasks are constantly increasing: Therefore we are looking for new team players (m/f/d).

• Operation of vulnerability scanner tools, including network scanners and vulnerability scanners.
• Manual verification of vulnerability scanner results (OS, Middleware and Web Application Issues), false positive analysis and exploitation.
• Penetration test documentation and report generation.
• Plan, lead and support stakeholders in remediation of vulnerabilities.
• Act as an escalation point of contact for team members, vendors and stakeholders.
• Be able to review the scope for penetration testing and risk ratings for vulnerabilities.
• Be able to deliver projects under a rigid schedule.
• Provide technical advice to Senior Management on security topics.
• Maintains quality service by establishing and enforcing organization standards.

• Bachelor’s degree in Computer Science, Engineering, Information Security or equivalent.
• Ideally 5 years of IT Security experience, 3 or more years of penetration testing or vulnerability assessment in a large organization.
• A strong understanding of security concepts, vulnerability management and exploitation methods. Especially in the infrastructure and OS space such as Windows and UNIX, and mobile OS platforms (Android/iOS).
• A good understanding of web technologies and web security hardening techniques, including IIS, Tomcat, Weblogic and Apache.
• Some experience required for penetration tests in the following areas, ideally several years of experience in penetration testing on:
  - Network Infrastructures
  - Web Applications and Web Services
  - Rich Clients
  - IOS and Android mobile applications
• Practical knowledge with a strong approach in documentation and presentation.
• Very good analytical skills, with the ability to breakdown complex problems into actionable steps.
• The ability to communicate IT security issues to other business areas in technical and non-technical language.
• Some of the following certifications: OSCP, OSCE, OSWE, CISSP, CISM, CEH or SANS Certification (GWAPT).
• Knowledge of the ITIL framework would be an advantage.
• Previous experience in project management preferred, especially support and tracking remediation.
• Software Development and design of Web-Applications (Basics).
• PHP, Python, Perl, Java, JavaScript, SQL, TCP/IP, ISO/OSI layered system structure (Basics).
• Tools used NMAP, Nessus / OpenVAS / Qualys, Burp, shell scripting, automation in reporting, exploitation etc.
• Good language and communication skills in English are required, German language skills are a plus. Written fluency in English is important as all project related communication will be in English language.
• Strong team player and good social skills.
• Self-organizing and committed to your tasks.

• Great working atmosphere
• Interesting and varied tasks as well as continuous training opportunities
• Emphasis on work-life balance
• An excellent and motivated team with high professional competence
• Work from home opportunities
• Flexible working hours