Share this Job
Apply now »

Offensive Security Technical Lead - Senior Pentester

Offensive Security Technical Lead - Senior Pentester

N/A

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
8+ years of experience in penetration testing
 

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology. #CyberSecurityNestle

To grow our capabilities and continue improving Nestlé Cyber resilience, we are looking for an Offensive Security Technical Lead – Senior Pentester to join our Global Cyber Security Operations Centre.

Position Summary

 

Are you an experienced pentester and want to lead technical aspects of a strong international offensive security team with various types of assessments, complex penetration tests & research and red team projects? In this role you will provide technical guidance to the rest of the team as well as work hands on in various assignments keeping up the high-quality offensive security services.
 

As a part of Cyber SOC Vulnerability Management team you will work with cross-functional multinational teams, you will create or improve operational processes, work on integration with other tools and automation, identify threats and security gaps, and collaborate with the Security Community of Practice to develop measures to protect the company information. This ambitious program is currently in active improvement implementation phase, bringing the opportunity to greatly contribute to the evolution and success of this company wide visible initiative. 
 

A day in the life of...

 

  • Manage the full life-cycle of penetration testing engagements
  • Mentor and guide the offensive security team with experts in several offensive security areas
  • Manage and coordinate third-party vendors
  • Lead the effective and efficient delivery of large, complex offensive security projects
  • Track metrics and delivery against offensive security program goals and implement proposals to improve program services, efficiency, and consistency
  • Contribute to the design and implementation of automation workflows for penetration testing.
  • Stay current on attack techniques, weaknesses and vulnerabilities. 
  • Collaborate and communicate with leadership, partner teams, and service owners
  • Drive effective teamwork, communication, collaboration and commitment across multiple groups with competing priorities
  • Liaise with the Security Product Manager to identify best practices and continuously improve technical standards, processes, procedures and guidelines to enable proper risk mitigation for each business capability
     

What will make you successful

 

  • Bachelor or Master’s Degree in Computer Science, Information Security or another similar relevant degree
  • 8+ years of penetration testing, cyber security and threat assessment
  • In-depth understanding of: automated and manual techniques to test security within the systems and network protocols, web application technologies and knowledge of the OWASP testing frameworks, Cloud and on-premise infrastructure, Red Teaming methodologies and AD attacks, and the ability to investigate malware behavior. 
  • Concepts of IoT security and how SDR works is a plus.       
  • Experience with offensive tools such as Qualys, Metasploit, Burp Suite, Bloodhound, SDR, Wireless, Intercepting Proxies, or others
  • Experience in some scripting language such as python or PowerShell. 
  • Relevant technical and industry certifications are a plus, e.g. OSCP or GIAC certifications.
  • Ability to present information to a wide variety of internal stakeholders, including senior level leadership.
  • Experience with effective communication at different levels in the organization and in English.
  • Experience having worked in a global environment and with virtual teams.
     

Benefits


 

  • An attractive and dynamic international working environment with the most talented and engaged IT professionals in their field and working with best-in class technologies
  • Be yourself @Nestlé, everyone else is taken! Our values are rooted in respect, we champion diversity and inclusion, and believe on the power of diversity to build winning teams where everyone can be the best version of themselves  
  • Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset
  • Great benefits including competitive salary and a comprehensive social benefits package
  • Hybrid working environment with flexible working scheme, allowing everyone to meet their needs enjoying the advantages of remote work and combining with the amazing Nestlé facilities (dog friendly!) and culture
     

If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs

N/A

N/A

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
8+ years of experience in penetration testing
 

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology. #CyberSecurityNestle

To grow our capabilities and continue improving Nestlé Cyber resilience, we are looking for an Offensive Security Technical Lead – Senior Pentester to join our Global Cyber Security Operations Centre.

Position Summary

 

Are you an experienced pentester and want to lead technical aspects of a strong international offensive security team with various types of assessments, complex penetration tests & research and red team projects? In this role you will provide technical guidance to the rest of the team as well as work hands on in various assignments keeping up the high-quality offensive security services.
 

As a part of Cyber SOC Vulnerability Management team you will work with cross-functional multinational teams, you will create or improve operational processes, work on integration with other tools and automation, identify threats and security gaps, and collaborate with the Security Community of Practice to develop measures to protect the company information. This ambitious program is currently in active improvement implementation phase, bringing the opportunity to greatly contribute to the evolution and success of this company wide visible initiative. 
 

A day in the life of...

 

  • Manage the full life-cycle of penetration testing engagements
  • Mentor and guide the offensive security team with experts in several offensive security areas
  • Manage and coordinate third-party vendors
  • Lead the effective and efficient delivery of large, complex offensive security projects
  • Track metrics and delivery against offensive security program goals and implement proposals to improve program services, efficiency, and consistency
  • Contribute to the design and implementation of automation workflows for penetration testing.
  • Stay current on attack techniques, weaknesses and vulnerabilities. 
  • Collaborate and communicate with leadership, partner teams, and service owners
  • Drive effective teamwork, communication, collaboration and commitment across multiple groups with competing priorities
  • Liaise with the Security Product Manager to identify best practices and continuously improve technical standards, processes, procedures and guidelines to enable proper risk mitigation for each business capability
     

What will make you successful

 

  • Bachelor or Master’s Degree in Computer Science, Information Security or another similar relevant degree
  • 8+ years of penetration testing, cyber security and threat assessment
  • In-depth understanding of: automated and manual techniques to test security within the systems and network protocols, web application technologies and knowledge of the OWASP testing frameworks, Cloud and on-premise infrastructure, Red Teaming methodologies and AD attacks, and the ability to investigate malware behavior. 
  • Concepts of IoT security and how SDR works is a plus.       
  • Experience with offensive tools such as Qualys, Metasploit, Burp Suite, Bloodhound, SDR, Wireless, Intercepting Proxies, or others
  • Experience in some scripting language such as python or PowerShell. 
  • Relevant technical and industry certifications are a plus, e.g. OSCP or GIAC certifications.
  • Ability to present information to a wide variety of internal stakeholders, including senior level leadership.
  • Experience with effective communication at different levels in the organization and in English.
  • Experience having worked in a global environment and with virtual teams.
     

Benefits


 

  • An attractive and dynamic international working environment with the most talented and engaged IT professionals in their field and working with best-in class technologies
  • Be yourself @Nestlé, everyone else is taken! Our values are rooted in respect, we champion diversity and inclusion, and believe on the power of diversity to build winning teams where everyone can be the best version of themselves  
  • Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset
  • Great benefits including competitive salary and a comprehensive social benefits package
  • Hybrid working environment with flexible working scheme, allowing everyone to meet their needs enjoying the advantages of remote work and combining with the amazing Nestlé facilities (dog friendly!) and culture
     

If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs

N/A

Esplugues Llobregat, B, ES, 08950

Esplugues Llobregat, B, ES, 08950

Apply now »