Capgemini’s Cloud Infrastructure Services unit is a global team of technology experts and domain specialists that helps businesses from all around the world extract maximum business value from their IT investment and facilitates their journeys to the cloud.
In addition to facilitating journeys to the cloud, we support businesses by providing services such as helpdesk services (human and AI powered), network access and maintenance, hosting and maintaining applications, IT operations and much more. We do all this in 24 languages from 4 locations in Poland.
Join our global team and be part of technology transformation.
We are seeking a Penetration Tester to develop and implement a Red Team/Hunt function. The selected candidate must have previous Red Team/Hunt experience and meet the competency of a mid to senior level penetration tester.
The position will be responsible for performing test-based assessments of client infrastructures using standard hacking methodologies. The candidate will maintain the highest ethical standards and adherence to established rules of engagement.
The candidate should have excellent communication skills, both written and oral, and have the ability to interact successfully with clients from the executive level down in both structured and unstructured situations.
• Strong cyber threat intelligence and information security experience in complex organizations
• Previous penetration testing experience and familiarity with commonly used tools and tactics
• Familiarity with cyber security threats, defenses, motivations and techniques
• Familiarity with security concerns facing large enterprises
• Experience with offensive security analysis tools and tactics
• Experience performing open source research
• Experience distilling raw information into actionable intelligence
• Proficiency with Microsoft Office, PowerPoint and Microsoft Publisher
• Familiarity with Python, Perl, or Ruby
• Must be self-starter, eager to take the initiative
• Operational understanding of TCP/IP and computer networking. Knowledge of the functions of security technologies such as IPS/IDS, Firewalls, Security Information and Event Management tools, etc a plus
• Possession of industry standard certification such as OSCP, CEH, GPEN and/or other relevant penetration testing related certifications a plus
• Familiarity with the creation of Metasploit modules a plus
• Familiarity with public cloud architectures and SOC operations that support public cloud operating models
• Preferred skills include experience with Operational Technology testing (ie. ICS, PCN, SCADA, etc).
In the role your responsibilities will be to:
• Assist with development of Red Team/Hunt processes, procedures, metrics and test schedule
• Assist with identification of technology required to perform Red Team function
• Assist with development of Threat Hunting function that leverages threat intelligence and Indicators of Compromise (IOCs) to detect threats, identify security gaps and improve SOC operations
• Provide on the job training to Red Team/Hunt team and coordinate tasking for team members
• Assist with development and maintenance of adversary campaign tactics for Red Team use
• Perform application and infrastructure based penetration tests
• Perform physical security review
• Perform social engineering tests
• Perform reviews and audits of information security programs and processes as required, covering web application and services, applications software, and computer networks
• Develop scripts and programs for penetration test automation
• Have understanding, and experience in, evaluating nation-state, hacktivists, and cybercriminal capabilities and activity
• Communicate to team members and senior leadership cyber risk(s) to the enterprise though operational briefings and penetration test reports
• Ability to identify trends in cyberspace with regards to adversary tactics, techniques, and procedures, targeting, malware development and implementation
• Track metrics and trend analysis on discovered attacks, vulnerabilities, and mitigations
• Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks
• Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
Our Cybersecurity team is managing projects such as Cybersecurity Client Experience Center, Cloud Security Services, Managed Security Services Platform and many, many more.
Capgemini Cybersecurity practice is a global Microsoft and Amazon partner which gives us large training and certification benefits to develop cloud security skills.
We also offer wide certification opportunity covering: (ISC)2, ISACA, CompTIA and many more.
By joining us you will become a part of independent team of professionals focusing on results in dynamic, fast paced projects environment, specifically in area Cloud Security.
We promise you will never be bored with monotonic, day to day operational tasks. Instead, you will be tackling challenges requiring analytical and creative thinking. Our strategy assumes growth through which we will bring an accessible set of consulting skills to the market. We strive for our consultants to be well balanced between business and technology areas.
- Working with great people and in legendary atmosphere
- No formal dress code
- Annual family picnics
- Unforgettable integrational events
- Employee volunteering opportunities and interesting CSR projects
- We value and respect diversity in terms of gender, nationality, roles, age, interests
- Internal celebration initiatives: Children's Day, St. Nicholas Day and many more
- Supporting employees' hobbies: Business Run, e-sport games, basketball, volleyball
- Development in expert or leader competencies
- Broad training offer with possible co-funding
- Access to MIT Sloan Management Review Polska knowledge base
- Introduction plan for new employees and Buddy Initiative
- A wide range of instructor-led and e-learning trainings
- Co-financing for post-graduate studies and courses
- Many companies under one roof / internal headhunters
- Internal development events: conferences, meetings, communities
- Education First platform for learning English online
- Bonuses, including those for new employees recommendation
- Additional life insurance
- Access to MyAudiobooks – Entertainment and personal growth in audio version
- Attractive package of extra benefits of your choosing (fitness, gym, cinema, etc.)
- Disability inclusion, assistive technologies, reasonable accommodations
- Private medical care for you and your family
- Bicycle parking and carpooling options
- Free coffee, water, milk and wide range of teas
- Anti-smog plants in offices
- Car leasing