Penetration Tester

Penetration Tester (Pentester) – Leading DAX Giant, NRW Region

Position Overview

We are seeking a highly skilled and motivated Penetration Tester (Pentester) to join our cybersecurity team at one of the leading DAX-listed companies headquartered in the North Rhine-Westphalia (NRW) region. This is a unique opportunity to work with a global industry leader, driving innovation in the cybersecurity landscape. If you are passionate about uncovering vulnerabilities, enhancing system defenses, and working with cutting-edge technologies, we want to hear from you.

Key Responsibilities

• Conduct Penetration Tests: Perform advanced penetration testing on applications, systems, and networks to identify vulnerabilities.
• Vulnerability Assessments: Analyze and prioritize vulnerabilities, providing clear and actionable recommendations for remediation.
• Red Teaming Exercises: Participate in or lead red teaming engagements to simulate advanced threat scenarios and evaluate the organization’s incident response.
• Security Audits: Collaborate with internal teams to conduct security audits, ensuring compliance with industry standards and regulatory requirements.
• Develop Testing Tools: Build and customize penetration testing tools and scripts to meet specific assessment needs.
• Reporting and Documentation: Create detailed technical reports and executive summaries for stakeholders, clearly articulating risks and proposed mitigations.
• Collaboration: Work closely with IT, DevOps, and risk management teams to improve security posture across the organization.
• IoT and OT Security: Conduct security assessments and penetration tests for Internet of Things (IoT) and Operational Technology (OT) environments, ensuring robust protection against emerging threats.
• Continuous Learning: Stay abreast of the latest security threats, vulnerabilities, and attack vectors. Proactively recommend and implement new security measures as needed.

Qualifications

Essential:

• Proven experience (3+ years) in penetration testing, ethical hacking, or red teaming roles.
• Proficiency in tools such as Burp Suite, Metasploit, Nessus, Kali Linux, and Wireshark.
• Strong knowledge of common attack vectors, exploit development, and post-exploitation techniques.
• Familiarity with network protocols, operating systems (Windows, Linux, macOS), and secure software development practices.
• Experience in cloud security testing (AWS, Azure, or GCP environments).
• Demonstrated expertise in IoT and OT security, including understanding unique challenges in these domains.
• Relevant certifications such as OSCP, CEH, GIAC, or similar.
• Fluency in German (spoken and written) is mandatory.
• Excellent analytical and problem-solving skills, with the ability to think creatively to identify potential weaknesses.
• Strong verbal and written communication skills in both German and English.

Desirable:

• Experience in reverse engineering or malware analysis.
• Knowledge of regulatory frameworks (e.g., GDPR, ISO 27001, NIST).
• Experience working within or leading incident response teams.

Why Join Us?

• Work for a globally recognized industry leader, ranked among the DAX giants.
• Collaborate with a world-class cybersecurity team, tackling real-world challenges.
• Competitive salary and benefits package, including bonuses and professional development opportunities.
• A supportive, innovative, and inclusive work environment.
• State-of-the-art office facilities in the NRW region, with flexible working arrangements.