Jonathan Malone

A Global organistaion we are partnered with are looking for an Offensive Security lead who is responsible for overseeing and executing comprehensive pen testing programs to identify vulnerabilities within systems and networks, enhancing the security and integrity of digital assets. Reporting to the Head of Security Operations, the role involves leading Security Testing as a Service and other testing capabilities, collaborating with cross-functional teams, and shaping the organization's cybersecurity strategy.

Responsibilities and Tasks:

• Develop, plan, and implement security testing programs, including penetration testing, red & purple teaming, and vulnerability assessments.
• Provide guidance during penetration testing campaigns and adversary simulation engagements.
• Collaborate with Vulnerability Management to prioritize vulnerabilities for remediation.
• Generate detailed reports from testing activities, including recommended remediation steps.
• Work closely with cross-functional teams to align security initiatives and promote awareness.
• Evaluate and select security testing tools, staying updated with industry best practices.
• Ensure compliance with industry standards and regulatory requirements.
• Convey security severity to non-technical stakeholders.

Requirements and Qualifications:

• Master's or bachelor's degree in IT, Information Systems Security, Cybersecurity, or related field.
• Five years of experience in information security testing or relevant domain experience.
• Proficiency in penetration testing and red/purple teaming methodologies and tools.
• Strong understanding of operating systems, networks, web applications, and cloud technologies.
• Industry certifications such as OSCP, OSCE, GPEN, PNPT, CRTO, CRTP are desired.
• Commitment to ethical hacking practices and responsible disclosure.
• Experience with threat intelligence frameworks, web application security principles, and security-related legal requirements.
• Strong analytical and problem-solving skills.
• Demonstrated leadership abilities and interpersonal skills.
• Fluent in written and spoken English.

I look forward to your application and discussing it further!

I have an opportunity for you to be a part of one of the biggest players in the solar business who are all about Green energy and making the world a better place. It's a fast-growing and future-oriented startup looking for a Security Engineer to help build secure by design systems, on IoT edge devices and in the cloud while Architecting and overseeing secure software development lifecycle.

Responsibilities:

• Spearhead the development of secure-by-design systems, encompassing IoT edge devices and cloud infrastructure.
• Architect and oversee the implementation of a robust secure software development lifecycle, while actively prototyping and demonstrating hands-on security concepts.
• Assess and integrate all pertinent security considerations such as identity and access management, cryptography, infrastructure, security automation, and compliance.
• Collaborate with the team in selecting and implementing appropriate security tools, and lead incident management and risk mitigation efforts.
• Contribute to the company's vision of democratizing sustainable solar energy through a customer-centric approach, aligning software development with product management and lean, experiment-driven business development.

What We Offer:

• A dynamic environment emphasizing speed, agility, and significant career advancement opportunities.
• Engagement in the energy revolution while taking ownership of sustainable change initiatives.
• An inclusive culture that values diverse perspectives and fosters professional growth.

Core Responsibilities:

• Develop and implement secure solutions, continuously improving application security and addressing issues promptly.
• Enhance overall security posture by optimizing stability, availability, and automation, including conducting load tests and vulnerability scans.
• Contribute to architectural decisions and long-term vision, integrating diverse technologies into a cohesive and secure framework.
• Foster empathy and understanding within the team, ensuring alignment with market needs and stakeholder expectations.

Candidate Profile:

• Minimum 5 years of experience in IT security.
• Strong security mindset with the ability to navigate complex software architectures.
• Proficiency in threat modeling, security by design, and defense in depth principles.
• Familiarity with information security frameworks, standards, and policies.
• Experience with CI/CD, Terraform, Kubernetes, C#, Wiz, and Datadog preferred.
• Deep understanding of cloud computing platforms, particularly Azure.
• Excellent communication skills in English, with proficiency in German as a plus.
• Passion for contributing to the energy transition and driving meaningful impact.
• Demonstrated initiative, leadership, and a commitment to maintaining high standards of security without compromising agility.

I look forward to your application and discussing this further with you.