Penetration Tester – Application
Do you want to become a trusted advisor within the security profession?
We are looking for experienced candidates who combine technical expertise and academic dedication with business understanding and communication skills. You have worked for a while with security or within related disciplines, and want to develop your professional profile further and become a trusted advisor within the security profession.
Maybe you have already worked with security for a number of years? You can also be a developer who is passionate about creating more secure solutions and building your own testing tools, a sysadmin with experience from complex IT environments, a technical architect who has worked with security in major development projects, or a security analyst that solves "Capture the Flag" competitions as a hobby. Anyways, you understand how technology works, you pick things apart and put them back together afterwards, and work hands-on to solve demanding problems in creative ways.
mnemonic responds to the region’s most serious cyberattacks. We work side by side with Europe’s most important organisations and critical infrastructure to protect them from the cyberattacks they see today, and what they can expect to see tomorrow.
At more than 350 employees, we are amongst the largest pure play security companies in Europe, and continue to grow rapidly in Norway and internationally. In addition, we are continually ranked by Great Place to Work as one of Norway’s and Europe’s top workplaces.
You will be working with
You will get the opportunity to work with a wide range of tasks, for example:
- Perform vulnerability analyses and penetration tests of web applications, API and mobile apps.
- Perform code revision and analyse code for zero-days.
- Establish processes and create technical tools for secure development and DevSecOps.
- Establish processes and create technical tools for security testing and handling vulnerabilities.
- Be a part of the development team as a “Security Champion”.
- Give advice on security architecture and solution design.
- Assist in procurement processes and outsourcing.
- Assist with the establishment of cloud solutions and migration, and establish routines for secure operation.
- Establish and development internal test and automation tools.
What you will bring
We are looking for someone that:
- Has completed higher technical education, preferably within security or related disciplines.
- Has minimum three years of experience within development, testing/security testing.
- Has relevant certifications from infosec and pentesting.
- Enjoys working hands-on with technology, picking things apart to understand how they work.
- Has experience with security related work within agile development, DevOps/DevSecOps, Cloud, microservices, serverless computing, automation, and relevant technologies.
- Works structurally and independently, and takes responsibility for his or her own deliveries.
- Has knowledge about frameworks related to secure development, like Microsoft SDL and BSIMM.
- Wants to further develop their security skills and become an expert in his or her field.
- Has the ability to clearly communicate complex technical information, verbally and in writing.
- Has good communication skills in English, both verbally and written.
- Is eligible for security clearance in Norway.
- Has consultancy experience.
If you have many of the qualifications we ask for, but feel that our current vacancies are too specific, you are welcome to submit an open application.
Relevant certifications
- Offensive Security Certified Professional (OSCP)
- GIAC Web Application Penetration Tester (GWAPT)
- Certified Cloud Security Professional (CCSP), Certificate of Cloud Security Knowledge (CCSK)
- General project and method certifications (ITIL, ISTQB, PRINCE2, Scrum, etc).
- CISSP, CISA
You will be working in our Technical Risk Services deparment, a consulting department assisting customers in understanding the technical risks and the vulnerabilities in their IT portfolios.
Among other things, we do penetration and security testing, technical audits, and source code analysis on existing solutions, and establish architecture, processes, and tools to help defend new solutions.
What we can offer
- An informal and pleasant working environment that provides opportunities for growth, influence and variations in tasks
- Competitive salary, share program and bonus scheme that promotes a long-term employment outlook, including attractive pension and insurance coverage
- Opportunities for relevant professional training (courses) and conferences
- We place a strong emphasis on workplace well-being and teambuilding through social activities, events and trips with colleagues. In addition, we have an inclusive environment that promotes work-life balance and accommodates to families. Both in Utrecht and Oslo our offices are centrally located. In Oslo, you'll find us at Solli plass.
- A workplace that has been ranked as one of the best in Europe for a number of years. In Norway we have been amongst the top 10 workplaces for 10 years in a row. This year, we even won our category!
How do I apply?
Email us at [email protected] and write "TRS-consultant" in the subject field. Add a text about why you are right for the job, and your CV.
If you have publications or projects you have worked on that you think represent your technical skills or ability to communicate, please attach or refer to these.
Background check
We use Semac AS for background checks in our recruitment process. It is an advantage if you qualify for a Norwegian security clearance.
Do you have questions about a career in mnemonic?
