Senior Penetration Tester – Cybersecurity

  • Oneconsult
  • Hybrid (Zürich, ZH, Switzerland)
  • 09/11/2023
Full time Data Science Machine Learning Artificial Intelligence Biostatistics Cybersecurity

Job Description

Level of employment: 80 – 100%
Place of work: Zurich or Bern

What's waiting for you

In demanding projects, you test ICT infrastructures, applications, etc. using penetration tests, document the findings professionally and present them at management level. In addition, you will take on red team tasks, from technical attack simulation to social engineering and any physical assessments. You actively help to further develop our services and actively promote the exchange of knowledge (internal and external). Depending on the size and complexity of the project, the assignments are carried out alone or in dynamically formed project teams and last from a few weeks to several months. In the first few months of your employment, you will complete Oneconsult's internal training program individually in order to convey our professional and quality standards.

You find vulnerabilities and security gaps in systems, applications or infrastructures of companies in different industries, using offensive security techniques and tools. In most cases, the technical security audits are carried out using the OSSTMM method or follow the OWASP Application Security Verification Standard or other established test procedures. In regular communication with the customer, you support them in optimizing their cyber resilience.

Your varied areas of activity include the following tasks:

  • Finding and analyzing security gaps and vulnerabilities using penetration tests, code and config reviews as well as reverse engineering in web applications, mobile apps (iOS, Android), networks, embedded devices, ICS (SCADA / DCS), complex infrastructures, cloud services and cloud components Etc.
  • Red teaming, technical attack simulation
  • Ev. Social Engineering und Physical Assessments
  • Responsible for carrying out projects from kick-off to final presentation
  • Documenting the project in the form of reports, advisories, etc.
  • Support in determining needs (scoping) and quality controls (technical reviews)
  • Significant participation in developing our services for customers
  • Further development of supporting tools and aids

What we offer you

...exciting and challenging penetration testing and red teaming projects to live your passion. As Oneconsult, we are passionate about increasing the cyber resilience of our customers, rely on structure, quality and see ourselves as mentors. You are the focus of the successful implementation of projects and can contribute all your experience and specialist knowledge to our customers on a daily basis. You are in the middle of a constantly learning organization - you help teammates and you will always find someone who takes time for you and supports you when things get challenging. We also attach great importance to the personal development of experienced employees, which we support through various internal and external training opportunities or individual initiatives. Internal developments in other specialist areas such as incident response, forensics, consulting, etc. are also possible in the medium term.

You can also look forward to the following:

  • A variety of motivated and competent colleagues who, together with you, ensure a great working atmosphere
  • Your vote counts! We take time for the opinions and ideas of our employees and incorporate them into decisions
  • We have a first-name culture where mutual respect and tolerance are practiced
  • Appreciation and feedback are an important part of our everyday life. We also count on your constructive criticism
  • We use various platforms to ensure a clear and regular flow of information internally
  • We offer you scope for action and decision-making so that you can gain your own experience and develop further
  • You can actively participate in the further development of the services and organization
  • You will learn about the latest technologies and methods
  • Modern and spacious offices with a variety of shopping and dining options in the immediate vicinity
  • Opportunity to publish specialist articles, give lectures and attend security events at home and abroad
  • Flexible working conditions (e.g. part-time and home office)

We also offer you numerous other benefits such as a generous training budget, participation in health-promoting measures, smartphone with premium flat rate subscription, sit/stand desk, team events, additional day off on your birthday and much more.

What you bring with you

  • Solid basic training, preferably in the field of computer science with training/further training in the area of ​​cybersecurity
  • Several years of proven professional experience as a penetration tester, preferably supported by certifications (e.g. OSCP, OPST, BSCP etc.)
  • Very good practical and methodical knowledge of using common IT security tools (Kali Linux, Metasploit, nmap, Burp Suite, Wireshark, etc.)
  • Good specialist knowledge in the area of ​​network – IT infrastructure – cloud and/or in software development with various programming languages
  • You impress customers with your professional appearance and your strong communication and presentation skills
  • Stylish German and good knowledge of English (spoken and written)
  • Impeccable reputation (proof via current criminal and debt collection register extract)

Have we ignited the fire in you? We look forward to your call or your complete application documents stating your preferred workload. It is important to us that you can feel your passion for cybersecurity in your application.

Direct applications only please: inquiries from job agents/headhunters are not welcome.

PGP Public Key

Contact person

Melanie Merkli
Head of Human Resources Management
+41 43 377 22 05