Connecting to LinkedIn...

Penetration Tester x 2 - NATO COSMIC Clearance

Job Title: Penetration Tester x 2 - NATO COSMIC Clearance
Contract Type: Contract
Location: Mons, Belgium
REF: 816
Contact Name: Mark Gale
Contact Email:
Job Published: about 2 years ago

Job Description

6202 - Penetration Tester x2 - L1

Mons, Belgium



This is a Level 1 position and we are urgently seeking to fill two positions immediately; these will be long term at least 2017, though will likely start as 3 month initially


This role will require you to perform a high amount of penetration tests in short time scales (almost one per week where you will need to provide detailed analysis). All of these have to be made with high precision and using various technologies (which requires a wide and detailed knowledge of many IT areas). Pressure for each of tests is very high because of the risk placed in case of any vulnerability missed (especially at the operational level, e.g. ISAF scope application).


MUST HAVE CURRENT NATO SECRET CLEARANCE ideally with CTS in place, or you have the ability to obtain this



The profile of the contractor shall meet the following mandatory requirements:


  • Last 3-4 years as a full-time Penetration Tester
  • Hands-on experience in script development related to penetration testing activities
  • Experience in testing cryptographic implementations
  • Up to date with latest penetration testing tools and technologies
  • Ability to conduct penetration testing techniques, exploitation and post-exploitation
  • Ability to define and scope penetration testing requirements
  • Strong knowledge in Web application penetration testing
  • Strong knowledge in Network penetration testing
  • Source Code assessment skills in multiple language such as C, C#, PHP, ASP, Java etc
  • Teamwork and adaptability with high integrity and work ethics; and a good communicator


The profile of the contractor should also meet the following desirable requirements:


  • Certified CHECK team member/leader or equivalent (CREST or TIGER or SANS GPEN or GXPN)
  • Published security research/vulnerabilities (possibly with CVE attribution) or winner of CTF/bug bounty programs
  • Tools Development (shell scripting, Python, Ruby, etc)
  • Social Engineering skills
  • Exploit development experience and ability to defeat protection mechanisms