Security Test Engineer (Pentester)

Security Test Engineer (Pentester)

Zurich Capability Center is looking for:

Security Test Engineer

Zurich is heavily transforming to an organization where all our projects are built following Agile and DevOps methodologies. You have the chance to actively be part of this transformation and help shaping the future.

You’ll be responsible provide penetration testing for the Application Security Testing CoE Team. The team provides global support to Zurich IT projects to enable them to perform and report on penetration tests. You will be working in a very dynamic environment using advanced vulnerabilities/threats identification solutions with professional opportunities to grow in CoE team and beyond and up skilling opportunities

Your Main Responsibilities Will Involve

• Minimum 6+ years of experience providing cyber security expertise oriented to offensive security and threat intelligence with specific security operations, execution and general security practices knowledge
• Ability to tackle of large range of security topics from hardware, networks, systems, applications to data, and new digital capabilities
• Knowledge of cyber threats and vulnerabilities: How to properly identify, classify, and remediate threats, as well as analysis of security events, log data, and network traffic.
• Knowledge of Models to describe and document cyberattacks (eg reconnaissance, scanning, enumeration, persistence, lateral movement, exfiltration) such as Cyber Kill Chain, Diamond model or MITRE ATT&CK.
• Knowledge and management of the main ethical hacking methodologies: OWASP, OSSTMM, OWISA, etc.
• Technical knowledge and experience in Security areas such as Penetration testing (webapp, Infrastructure, Cloud), red teaming, Information and Event Management (SIEM), Logging, Firewalls, NFGW and WAF, Endpoint Detection and Response (EDR), Intrusion Prevention and Detection Systems (IPDS), and Cyber Threat Intelligence.
• Desirable, in-depth knowledge of the CTI processes and OSINT tools and techniques, including social media and dark web monitoring (TOR, I2P, etc.) and experience with common threat intelligence models, tools, sources and feeds.
• Possess certifications such as CEH, OSCP, CTIA, GCTI, GNFA or similar, are a plus

Who we are

Looking for a challenging and inspiring work environment where you can make a difference? At Zurich millions of individuals and businesses place their trust in our products and services every day. Our 53,000 employees worldwide form the basis of our success, enabling, businesses and communities to face a world of risk with confidence. Imagine if you could help people do this all over the world. You’d give them confidence and reassurance by protecting what they love most. It’s a big challenge, but you will be supported by a world-class team who believe in helping you to reach your full potential and deliver on our promises.

So be challenged. Be inspired. Help us make a difference.

At Zurich we are an equal opportunity employer. We attract and retain the best qualified individuals available, without regard to race/ethnicity, religion, gender, sexual orientation, age, or disability.