Job Description
We are currently looking on behalf of one of our important clients for a Cybersecurity Penetration Tester (Medical Device Sector). The role is a permanent position based in Solothurn Canton & comes with good home office allowance.
Your Role:
• Develop & implement comprehensive security testing plans to identify potential vulnerabilities, ensuring compliance with industry regulations & security standards.
• Conduct security risk assessments, threat modeling & code reviews to identify & mitigate cybersecurity risks.
• Perform advanced security testing, including penetration testing, vulnerability scanning & code reviews to uncover potential security weaknesses.
• Participate in the selection, development & maintenance of security testing tools & infrastructure.
• Collaborate with external partners to plan & execute penetration testing.
• Integrate automated functional cybersecurity testing into the CI/CD pipeline (DevSecOps).
Your Skills:
• At least 2 years of relevant professional experience in Cybersecurity Testing.
• Solid experience in Standardized Testing Approaches such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST) & Software Composition Analysis (SCA).
• Very proficient in Security Testing Methodologies, Tools & Techniques, including Penetration Testing, Fuzzing & Static/Dynamic Code Analysis.
• A strong understanding of Security Mechanisms for IOS & Android platforms.
• A deep knowledge of Security Principles & the latest associated techniques & Operating System features.
• Familiar with the OWASP Top 10 vulnerabilities & hands-on experience with Automated Testing Tools like Burp Suite, Metasploit, Anchore, Synk & SonarQube.
• Proficient in Programming Languages, specifically Java & Python.
• Accustomed to Secure Software Development Practices, including Secure Coding, Threat Modeling & Secure Design Principles.
Your Profile:
• Completed relevant University Degree.
• Completed Certifications in Cybersecurity (e.g., CISSP, CompTIA Cyber Security, CEH, OSCP).
• Fluent in English (spoken & written), any German language skills are considered a plus.