Penetration Tester / IT Security Analyst (m/f)

Who we are

Compass Security is a well renowned company specializing in penetration testing, incident response, digital forensics and security trainings, with offices in Switzerland and Germany. As part of our international expansion, Compass Security is further extending its cybersecurity and Hacking-Lab capabilities. After careful evaluation, we decided to establish a subsidiary in Canada's largest and economically most important metropolis in Toronto.

Compass Security research and community contributions regularly gain international recognition. With Hacking-Lab, Compass Security has developed a flagship, comprehensive attack/defense CTF system that has been provided to run the European Cyber Security Challenge. Hacking-Lab is licensed to numerous universities world-wide for education purposes, with an aim to bring up young cyber talents and encouraging them to pursue a career in cyber security. Hands-on security trainings and experience is a key factor for success.

Compass Security means trust and knowledge, both anchors in today's fast changing world.
 

We are looking for...

Penetration Tester / IT Security Analyst (m/f)

 

Your tasks

Your main task is to conduct security assessments on network- as well as on application level.

  • You model/handle threats for applications, systems, infrastructure and concepts
  • You plan, coordinate and simulate attacks
  • You analyze components and configurations in finding out weak points
  • You develop proposals for an appropriate counteraction and generate analysis and reports
  • You present your results to different committees
  • You conduct workshops or live hackings at the customers location or in-house
  • You advise costumers in all matters related to IT Security

 

Your profile

You hold a Bachelor’s degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering or you have a proven track record in the field of IT Security and in-depth knowledge as a/an:

  • IT Security Analyst 
  • Developer / Software Engineer
  • Network Administrator
  • Security Engineer

 

The following certificates are welcome: Certified Ethical Hacker, SANS GIAC Penetration Testing, OSCP, OSCE.

Further you have at least one year of experience in penetration testing. Strong technical knowledge and experience are re-quired in areas of penetration testing, vulnerability assessment, exploitation and vulnerability mitigation.


In addition…

  • You speak and write in English (French is seen as an asset but optional)
  • You have the ability to present technical matters to a non-technical audience
  • You have a sound reputation
  • You like to travel and work at customer locations (50%)
  • You have a keen perception of the subject matter of your work
  • You have a valid Canadian Passport or are a Permanent Resident of Canada

 

What we offer…

  • You are a key element in the establishment and growth or our new Canadian subsidiary
  • You can expect a passionate team of IT Security Specialists and Hackers to support you remotely from our other offices in Switzerland and/or Germany
  • You will gain insights on a variety of customers, from startups up to big companies as well as into leading edge technologies and products
  • We offer support through continuing education, individually or in groups (in-house and external)
  • Longtime staff members have the opportunity to attend international conferences
  • We regularly organize team events regarding actual topics 
  • We pay competitively

 

Interested?

We are looking forward receiving the following application documents: 

  • Motivation letter
  • CV (incl. pic.)
  • Letters of reference, References

 

Please send the requested documents as a PDF to hr@compass-security.com

 

Note: We can’t consider applications from job agencies.
 

 

AGENDA

Securing Industrial IoT

Am 29. August 2019 treffen Experten aus Forschung und Praxis in Bremen zusammen, um gemeinsam zu diskutieren, wie sich Unternehmen aus dem... Weiterlesen

Cyber Risks – von der abstrakten Gefahr zur täglichen Realität

Das Europa Institut an der Universität Zürich (EIZ) ist ein führendes Kompetenzzentren für Europarecht und wichtiger Anbieter von juristischen... Weiterlesen

Swiss Treasury Summit 2019

Das Schweizer Jahrestreffen der Treasurer - am 11. September 2019 an der HSLU in Rotkreuz. Weiterlesen

KOMPLETTE agenda

aktuelles

Schwachstelle im "The Scheduler"-Plugin für Jira

Thierry Viaccoz hat eine XML External Entity (XXE) Schwachstelle im "The Scheduler"-Plugin für Jira identifiziert. Weiterlesen

Schwachstelle in der Email+ iOS-Anwendung bei MobileIron

Sylvain Heiniger hat eine "Cleartext Storage of Sensitive Information" Schwachstelle in der MobileIron Anwendung "Email+" identifiziert. Weiterlesen

Schwachstellen im Universal Automation Center (UAC)

Michael Fisler und Felix Aeppli haben Schwachstellen im Universal Automation Center (UAC) identifiziert. Weiterlesen

ArCHIV

Compass Security Blog

Privilege escalation in Windows Domains (2/3)

This second article about privilege escalation in Windows domains describes how to propagate by aiming for passwords that are lying around. mehr

Privilege escalation in Windows Domains (1/3)

This first article of our series about privilege escalation in Windows domains demonstrates how to get a foothold by relaying credentials from users. mehr

ZUM BLOG