Connecting to LinkedIn...

Penetration & Web Vulnerability Tester - NATO

Job Title: Penetration & Web Vulnerability Tester - NATO
Contract Type: Contract
Location: Mons, Belgium
REF: 1367
Contact Name: Mark Gale
Job Published: over 1 year ago

Job Description

6202 - Penetration & Web Vulnerability Tester - L1 (Mons or The Hague)



This is a Level 1 position and we are urgently seeking someone to start ASAP

This is a long term contract - at least 1 year - though will start as 3 months initially


This role will require you to perform a high amount of manual and automated penetration tests in short time scales (almost one per week where you will need to provide detailed analysis). All these have to be made with high precision and using various technologies (which requires a wide and detailed knowledge of many IT areas). Pressure for each of tests is very high because of the risk placed in case of any vulnerability missed (especially at the operational level, e.g. ISAF scope application).



The profile of the contractor shall meet the following mandatory requirements (and you need to ensure the CV clearly shows this):

  • At least the last 3 years as a full-time Penetration Tester (not just carrying our Pen Testing as part of your role)
  • Hands-on experience in script development related to penetration testing activities
  • Experience in testing cryptographic implementations
  • Up to date with latest penetration testing tools and technologies
  • Ability to conduct penetration testing techniques, exploitation and post-exploitation
  • Ability to define and scope penetration testing requirements
  • Strong knowledge in Web application penetration testing
  • Strong knowledge in Network penetration testing
  • Source Code assessment skills in multiple language such as C, C#, PHP, ASP, Java etc
  • Teamwork and adaptability with high integrity and work ethics; and a good communicator


The profile of the contractor should also meet the following desirable requirements:

  • Certified CHECK team member/leader or equivalent (CREST or TIGER or SANS GPEN or GXPN)
  • Published security research/vulnerabilities (possibly with CVE attribution) or winner of CTF/bug bounty programs
  • Tools Development (shell scripting, Python, Ruby, etc)
  • Social Engineering skills
  • Exploit development experience and ability to defeat protection mechanisms


MUST HAVE CURRENT NATO SECRET CLEARANCE ideally with CTS in place, or you have the ability to obtain this.