Pentest Coordinator

We are an international technology services company founded in 1983 and currently have over 2,000 employees in 5 countries: France, Spain, Romania, Portugal, and Luxembourg

What are we looking for?

An Application Security Pentest Coordinator to join a stable international project, based in Madrid.

Responsibilities:

• Coordinate and oversee Application Penetration testing services performed by external providers, ensuring compliance with security standards, timelines, and organizational requirements

• Coordinate and oversee Static (Code) Application Security Testing (SAST scans) services performed by external providers, ensuring compliance with security standards, timelines, and organizational requirements and validation of proposed remediation efforts.

• Act as the Security Referent for the support and follow-up of:

o Full coordination of the pentesting process (internal customer side of penetration testing service coordination) by ensuring its execution within the timelines upon each new applications' releases in coordination with application owners for planning and execution.

o Regular follow-up on the backlog of applications to be tested.

• Full-service coordination lifecycle of pentesting and SAST services:

o Planning: Validate requirements, define scope, and organize kick-off / closing meetings with the Business and.

o Execution: Ensure providers have the necessary credentials, environments, and permissions..

o Monitoring: Track progress, support resolution of blocking point, and ensure adherence to guidelines and good practices.

o Closure: Review reports, validate findings, and coordinate remediation plans.

• Act as the primary link between the internal Cybersecurity teams and pentesting service vendors.

• Ensure service delivery alignment and compliance with internal policies during testing.

Requirements:

• Management of the MS Office package (Excel, PowerPoint, SharePoint, etc).

• Ticketing tool (Service Now, Jira…)

• Strong knowledge of application security and penetration testing methodologies.

• Familiarity with web, mobile, and API technologies.

• Global knowledge of application security architecture (application layering, DMZs, WAFs, etc.), network segmentation, web application security best practices like development environments (dev, prod, test)

• Ability to interpret and validate technical reports.

• English level C1 or higher.

• 4 years of proven working experience in cybersecurity fields like vulnerability management, security assessment/testing or application security.

• Experience coordinating activities/services -process oriented, not people oriented.

Valuable

• Knowledge of Risk methodology

• Cyber security culture

• Certifications such as eJPT, eWPT(X), CEH, etc. would be a plus.

• Knowledge of SAST tools such as Fortify / SonarQ would be a plus.

W
ork Model:

• Hibrid.
• Flexible hours, Monday to Friday.

W
e offer:

Continuous training

Career plan tailored to employee preferences

Progression within the company

Flexible working hours

Hybrid work model

Language training (English, French, Spanish).

Salary: 55.000€

W
ould you like to join our team?

I
f you have experience in data and are looking to grow technically and professionally, don't hesitate to apply for this position. Contact us