About the Client
Our client is a provider of top-of-the-line medical solutions with innovative strength in diagnostic and therapeutic technologies, including information technology and system integration. therapies, medical IT solutions complemented with advice and service support. They delivers a comprehensive range of solutions - from prevention and early detection to diagnosis, treatment and patient care.
Company benefits:
- Adjustable standing desk as a standard
- MSDN license for each developer with prepaid access to AZURE
- Free access to PLURALSIGHT – the WBT platform
- Team building program - 2 days adventure offsite meeting for all employees every year, Christmas party, extra budget for team building events
- Participation on world famous IT conferences like Microsoft IGNITE for best employees
- Wide project portfolio in healthcare domain and job rotation within company (Cybersecurity, Artificial Intelligence, Healthcare IT services, …)
- Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
- Health program (contracted wellness providers, sport centers, salary reimbursement in case of illness)
- Retention program (work anniversary, life anniversary, additional pension plan, employee loans)
- Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)
About the Role
We are looking for a Penetration tester / Ethical Hacker to work in the Healthcare Cyber Security sector.
Responsibilities
- Identification of security vulnerabilities
- Executing scans, penetration tests, source code analysis, reverse engineering
- Automating vulnerability assessment and penetration testing using scripting
- Provision of security advice with respect to the mitigation and elimination of weaknesses identified in accordance with current Cyber Security Standards by proposing changes from source code to software architecture
- Continuous analysis of threats and weaknesses to develop improved software security concepts
- Creation of application security guidelines and integration of those into the relevant operational and development processes
- Continuous improvement of know how in the field of application security
- Support and oversee the implementation of suggested measures to ensure that Cyber Security is part of the ongoing process
- Analysis of communications security
- Review of roles, profiles and authorization objects to identify potential escalation of privileges
Requirements
Professional skills:
- Multi-year experience in the field of cyber security
- Good understanding of software development and software architecture
- Solid knowledge of technical and organizational aspects of information security
- Scripting in Power Shell
- Experienced with security frameworks NIST, SOX, HIPPA, OWASP
- Experience with using various pentesting tools (BurpSuite, Metasploit, Nessus, SQLmap, etc )
- Understanding of HTTP protocol and analysis of computer networks with Wireshark
- Good understanding of intrusion prevention in IT systems, networks and applications backed up by knowledge of theoretical and practical methods, e.g. threat analysis, penetration test, etc
- Ability to clearly communicate and present technical topics
- Ability to consult in technical and management-related matters
- Experience with threat modeling
Personality requirements and skills:
- Good analytical and problem-solving skills
- Good aptitude for learning new technologies
- Must be able to work in a team environment
- Advanced interpersonal and communications skills
- Good written and verbal communication skills
- Good organizational skills
- Result oriented
- Self-motivated
- Highly collaborative
Nice to Have Skills
n/a