Penetration Tester / IT Security Analyst (m/f)

Who we are

Compass Security is a well renowned company specializing in penetration testing, incident response, digital forensics and security trainings, with offices in Switzerland and Germany. As part of our international expansion, Compass Security is further extending its cybersecurity and Hacking-Lab capabilities. After careful evaluation, we decided to establish a subsidiary in Canada's largest and economically most important metropolis in Toronto.

Compass Security research and community contributions regularly gain international recognition. With Hacking-Lab, Compass Security has developed a flagship, comprehensive attack/defense CTF system that has been provided to run the European Cyber Security Challenge. Hacking-Lab is licensed to numerous universities world-wide for education purposes, with an aim to bring up young cyber talents and encouraging them to pursue a career in cyber security. Hands-on security trainings and experience is a key factor for success.

Compass Security means trust and knowledge, both anchors in today's fast changing world.
 

We are looking for...

Penetration Tester / IT Security Analyst (m/f)

 

Your tasks

Your main task is to conduct security assessments on network- as well as on application level.

  • You model/handle threats for applications, systems, infrastructure and concepts
  • You plan, coordinate and simulate attacks
  • You analyze components and configurations in finding out weak points
  • You develop proposals for an appropriate counteraction and generate analysis and reports
  • You present your results to different committees
  • You conduct workshops or live hackings at the customers location or in-house
  • You advise customers in all matters related to IT Security

 

Your profile

You hold a Bachelor’s degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering or you have a proven track record in the field of IT Security and in-depth knowledge as a/an:

  • IT Security Analyst 
  • Developer / Software Engineer
  • Network Administrator
  • Security Engineer

 

The following certificates are welcome: Certified Ethical Hacker, SANS GIAC Penetration Testing, OSCP, OSCE.

Further you have at least one year of experience in penetration testing. Strong technical knowledge and experience are re-quired in areas of penetration testing, vulnerability assessment, exploitation and vulnerability mitigation.


In addition…

  • You speak and write in English (French is seen as an asset but optional)
  • You have the ability to present technical matters to a non-technical audience
  • You have a sound reputation
  • You like to travel and work at customer locations (50%)
  • You have a keen perception of the subject matter of your work
  • You have a valid Canadian Passport or are a Permanent Resident of Canada

 

What we offer…

  • You are a key element in the establishment and growth or our new Canadian subsidiary
  • You can expect a passionate team of IT Security Specialists and Hackers to support you remotely from our other offices in Switzerland and/or Germany
  • You will gain insights on a variety of customers, from startups up to big companies as well as into leading edge technologies and products
  • We offer support through continuing education, individually or in groups (in-house and external)
  • Longtime staff members have the opportunity to attend international conferences
  • We regularly organize team events regarding actual topics 
  • We pay competitively

 

Interested?

We are looking forward receiving the following application documents: 

  • Motivation letter
  • CV (incl. pic.)
  • Letters of reference, References

 

Please send the requested documents as a PDF to hr@compass-security.com

 

Note: We can’t consider applications from job agencies.
 

 

AGENDA

Security Training: Social Engineering

Tauchen Sie ein in die Welt des Social Engineering und lernen Sie die vielseitigen Methoden, Tools und Tricks kennen und verstehen. Weiterlesen

it-sa 2020

Europas führende Fachmesse für IT-Sicherheit findet vom 06. - bis 08. Oktober 2020 im Messezentrum Nürnberg (DE) statt. Reservieren Sie bereits heute... Weiterlesen

KOMPLETTE agenda

aktuelles

Sicherheitsrisiken erkennen und reduzieren

Im «KMU Magazin» gibt Security Analyst Fabio Poloni Tipps, wie KMU sich gegen Cyberangriffe wappnen können.  Weiterlesen

Schwachstelle im Windows Task Scheduler

Sylvain Heiniger hat eine Schwachstelle im Windows Task Scheduler identifiziert. Weiterlesen

Ransomware-Attacke: Datendiebe erpressen Schweizer Unternehmen

Die Schweizer Herstellerin von Schienenfahrzeugen Stadler Rail AG wurde Opfer einer Cyber Attacke. Das Vorgehen der Angreifer sei typisch, sagt... Weiterlesen

ArCHIV

Compass Security Blog

Relaying NTLM authentication over RPC

Since a few years, we - as pentesters - (and probably bad guys as well) make use of NTLM relaying a lot for privilege escalation in Windows networks. In this article, we propose adding support for... mehr

Reversing a .NET Orcus dropper

In this blog post we will reverse engineer a sample which acts as downloader for malware (aka a “dropper”). It is not uncommon to find such a downloader during DFIR engagements so we decided to take a... mehr

ZUM BLOG