We are an international technology services company founded in 1983 and currently have over 2,000 employees in 5 countries: France, Spain, Romania, Portugal, and Luxembourg!What are we looking for?An Application Security Pentest Coordinator to join a stable international project, based in Madrid.Responsibilities:
Si desea conocer los requisitos para este puesto, siga leyendo para obtener toda la información relevante.
* Coordinate and oversee Application Penetration testing services performed by external providers, ensuring compliance with security standards, timelines, and organizational requirements
* Coordinate and oversee Static (Code) Application Security Testing (SAST scans) services performed by external providers, ensuring compliance with security standards, timelines, and organizational requirements and validation of proposed remediation efforts.
* Act as the Security Referent for the support and follow-up of:
o Full coordination of the pentesting process (internal customer side of penetration testing service coordination) by ensuring its execution within the timelines upon each new applications' releases in coordination with application owners for planning and execution.o Regular follow-up on the backlog of applications to be tested.• Full-service coordination lifecycle of pentesting and SAST services:o Planning: Validate requirements, define scope, and organize kick-off / closing meetings with the Business and.o Execution: Ensure providers have the necessary credentials, environments, and permissions..o Monitoring: Track progress, support resolution of blocking point, and ensure adherence to guidelines and good practices.o Closure: Review reports, validate findings, and coordinate remediation plans.
* Act as the primary link between the internal Cybersecurity teams and pentesting service vendors.
* Ensure service delivery alignment and compliance with internal policies during testing.
Requirements:
* Management of the MS Office package (Excel, Power Point, Share Point, etc).
* Ticketing tool (Service Now, Jira...)
* Strong knowledge of application security and penetration testing methodologies.
* Familiarity with web, mobile, and API technologies.
* Global knowledge of application security architecture (application layering, DMZs, WAFs, etc.), network segmentation, web application security best practices like development environments (dev, prod, test)
* Ability to interpret and validate technical reports.
* English level C1 or higher.
* 4 years of proven working experience in cybersecurity fields like vulnerability management, security assessment/testing or application security.
* Experience coordinating activities/services -process oriented, not people oriented.
Valuable
* Knowledge of Risk methodology
* Cyber security culture
* Certifications such as e JPT, e WPT(X), CEH, etc. would be a plus.
* Knowledge of SAST tools such as Fortify / Sonar Q would be a plus.
* Work Model:
Hibrid.Flexible hours, Monday to Friday. We offer:Continuous trainingCareer plan tailored to employee preferencesProgression within the companyFlexible working hoursHybrid work modelLanguage training (English, French, Spanish).Salary: 55.000€Would you like to join our team? xpzdshu If you have experience in data and are looking to grow technically and professionally, don't hesitate to apply for this position. Contact us!