Address: Rue de la Loi 107, 1000 Brussels, BE Tel: +32 2 295 2100

IT Security Officer - Penetration Tester

Contract Agent Function Group IV

COOP - Cooperation
OFFSEC

What we propose

DIGIT CERT-EU is seeking to hire a truly motivated “IT Security Officer: Penetration Tester” to join our Offensive Security team.

The primary purpose of this role is to provide cybersecurity services to more than 90 European Union institutions, bodies, offices and agencies. Our penetration testers also work closely with the other experts of the Offensive Security Team and collaborate frequently with other CERT-EU teams.

The main activities of the selected candidate will include, but are not limited to:

  • Vulnerability assessments and scans
  • Penetration testing, mainly web applications, including reporting and recommendations.

The job holder will be involved in projects aiming at delivering new service capabilities and will participate in the definition, implementation and delivery of such projects.

In addition to the main duties, the selected candidate will participate in the general set of tasks executed by the team, which include:

  • Setting up and maintaining the inventory of identified vulnerabilities and the measures undertaken to reduce the associated risks
  • Communicating with business owners and technical stakeholders
  • Suggesting possible improvements to the operational processes, and reporting on the efficiency and maturity of the vulnerability assessment and penetration testing services
  • Evaluating, deploying and maintaining tools and solutions needed to deliver the services
  • Assessing findings and writing detailed reports
  • Cooperating with Union entities and third-party service providers
  • Translating findings into clear and actionable corrective measures.

Who we look for

The ideal candidate must possess at least two years of experience as penetration tester and possess a university-issued diploma or equivalent.

The ideal candidate will possess some, or all, of the following knowledge/experience/skills:

  • Web application assessment experience with thorough knowledge of OWASP
  • Familiarity with security testing tools (e.g. Burp Suite)
  • Knowledgeable with mobile application testing (DAST/SAST)
  • Service delivery experience
  • Experience in vulnerability assessments and penetration testing in cloud environments
  • Penetration testing security certification (e.g. GWAPT, OSCP, OSCE)
  • Coding capability (e.g. Python, Go)
  • Experience in automating processes.

The selected candidate should also demonstrate the following required skills and characteristics:

  • Analytic sharpness in ability to think like a threat actor or attacker
  • A strong focus on understanding and prioritising customer needs
  • Strong analytical and problem-solving skills, including the ability to deal with a large amount of information in a limited time
  • Ability to establish and maintain effective working relations with co-workers in an international and multi-disciplinary work environment
  • A high degree of commitment and flexibility
  • Excellent communication skills in English, both orally and in writing
  • A focus on constant learning and improvement of technical and personal skills
  • The ability to adjust to a wide range of IT technologies and swiftly become proficient in new ones.

The candidate must hold a security clearance at EU SECRET level or be in a position to be security cleared.

What we offer

  • A friendly and multicultural workplace
  • A stimulating and unique environment where personal development, growth and initiative are encouraged
  • Continuous learning opportunities
  • Working with a supportive and dynamic team with a deep sense of mission
  • Flexible scheduling with the possibility to work from home on a part-time basis
  • An attractive salary.

Consult the Jobs at the European Commission page for more information on the working conditions. Please note that the position is based in Brussels, Belgium. Full remote work is not possible at this time.

Are you eligible

To apply, you have to:

  • Be a national of one of the Member States of the European Union
  • Be able to provide a certificate of good conduct
  • Have fulfilled any legal obligations related to military service
  • Be able to produce evidence of thorough knowledge of one of the official EU languages (level C1) and satisfactory knowledge of a second official EU language (level B2).

Additionally, to be recruited as a contract agent, you must have:

  • For function groups II and III:
    • a level of post-secondary education attested by a diploma, or
    • a level of secondary education attested by a diploma giving access to post-secondary education, and appropriate professional experience of at least three years, or
    • professional training or professional experience of an equivalent level, where justified in the interest of the service.
  • For function group IV:
    • a level of education which corresponds to completed university studies of at least three years attested by a diploma, or
    • professional training of an equivalent level, where justified in the interest of the service.

If so, then apply!

  • Send an email to secretariat@cert.europa.eu with your CV (and a motivation letter if possible). Please provide the title of the position you are applying for in the subject of your email.
  • If your skill-set matches the requirements, we will contact you for an informal interview to introduce you to CERT-EU, get to know you better and answer questions you might have
  • If the informal interview goes well, you will need to take a CAST test. Worry not, our wonderful secretariat will supply all the necessary information
  • Once you succeed in the CAST test, we will then invite you for a formal interview in view of a possible recruitment.

We got cookies

We only use cookies that are necessary for the technical functioning of our website. Find out more on here.