Talent.com
Deze vacature is niet beschikbaar in je land.
SC2024-003981 Penetration Testing Services (NS) - THU 23 Jan

SC2024-003981 Penetration Testing Services (NS) - THU 23 Jan

EMW, Inc.NL
25 dagen geleden
Vacaturetype
  • Op afstand
  • Quick Apply
Functieomschrijving

Deadline Date : Thursday 23 January 2025

Requirement : Penetration Testing Services

Location : Off-Site

Note : Please refer to your Subcontract Agreement, article 6.4.1.a, which states “Off-Site Discount : 5% (this discount is applicable to all requirements, and applies when the assigned personnel are permitted to work Off-Site, such as at- home)". Please be sure to price this discount in your overall price proposal when submitting bids against off-site RFQs

Total Scope of the request (hours) : 836

Required Start Date : 10 March 2025

End Contract Date : 31 December 2025

Required Security Clearance : NATO SECRET

Duties and Role :

The duties of the individual mainly focus on :

  • Provide Web and application level penetration testing;
  • Provide security design reviews to ensure compliance with NATO policies and directives;
  • Provide security consultancy and advice to projects, plans, and other entities;
  • Brief at technical levels on security reports and testing outcome

Requirements

Skill, Knowledge & Experience :

  • The candidate must have a currently active NATO SECRET security clearance

    • The required skillset for the contracted individual is extensive knowledge and experience (more than 5 years) in the following areas :

  • Web application and thick-client penetration testing;
  • Assessing security vulnerabilities within OS, software, protocols & networks;
  • Researching and evaluating security products & technologies;
  • Knowledge in system and network administration of UNIX and Windows systems;
  • Use of penetration testing tools, techniques, and recognized testing methodologies;
  • Scripting skills in at least one of the following : Perl, Python, Ruby, shell (bash, ksh, csh);
  • Technical knowledge in system and network security, authentication and security protocols, cryptography, application security, as well as, malware infection techniques and protection technologies;
  • Ability to evaluate risks and formulate mitigation plans;
  • Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation plan.