Cyber Offence Specialist
il y a 3 semaines
**Job Location: Luxembourg**:
**Company description**:
Ferrero is a family-owned company with a truly progressive and global outlook and iconic brands such as Nutella®, Tic Tac®, Ferrero Rocher®, Raffaello®, Kinder Bueno® and Kinder Surprise®. As the love for our brands continues to grow, so too does our global reach. Represented in more than 50 countries, with products sold in more than 170, the Ferrero Group is loved by generations around the world. The secret to our global success? 38,767 dedicated employees who celebrate care and quality to craft a business, careers and brands we are proud of. Join us, and you could be one of them.
**Diversity Statement**:
Ferrero is committed to building a diverse and inclusive culture in which all employees feel welcomed and appreciated and have the same opportunities. We believe all of our people are equally talented in their own way. In nurturing the curiosity and natural abilities of our employees, we provide them, generation after generation, the means to succeed personally and professionally, enabling them to craft their journey at Ferrero. The diversity of our talents is what makes our work environment multicultural, innovative and highly rewarding.
**About the Role**:
For our **Ferrero Group Headquarters**, we are looking for a **Cybersecurity Offence Specialist** who will become part of our **Cybersecurity team **based in **Luxembourg**.
**Main Responsibilities**:
Covering this position, you will operate and maintain the necessary technologies to scan vulnerabilities, execute penetration testing and breach simulation, and to manage all found issues for their timely remediation.
While validating technically the vulnerabilities detected by automatic tools, you will as well support the management of a Bug Bounty program and the related technical triaging of reported bugs.
You will define and share technical remediations (also custom designed remediations) with IT & other internal/external stakeholders. In addition, you will maintain and improve, in accordance with Cybersecurity Offence Manager, the defined frameworks for the correct management of vulnerabilities in Ferrero, the execution of assessment activities, the execution of penetration testing
In this role you will identify and periodically share with the Cybersecurity Offence Manager improvements to be introduced to enhance the effectiveness of vulnerability assessments, penetration tests and red teaming exercises, as to ensure the correct identification of Cybersecurity gaps and weaknesses in Ferrero.
**Who we are looking for**:
You have knowledge of the most common platforms used for Vulnerability Management, as to handle found issues from a central portal (e.g. Microsoft Threat and Vulnerability Management, ServiceNow Vulnerability Response, RSA Archer IT Security Vulnerabilities Program, Tenable.io);
Knowledge of the major tools used for Vulnerability Detection:
- Vulnerability Scanners (e.g. Acunetix Vulnerability Scanner, Tenable Nessus Vulnerability Scanner, Qualys Scanner, Rapid7 InsightVM);
- Penetration Testing & Breach Attack Simulation (e.g. SecureVisio, Picus Security, Cymulate, AttackIQ, Threatcare);
- Knowledge of the main penetration testing methodologies and standards (e.g. OSSTMM, OWASP, NIST, PTES, ISSAF, MITRE ATT&CK Framework);
- Knowledge of Cybersecurity Blue Team operations, as to better identify weaknesses and gaps to be tested through exercises and adversarial attempts simulations.
Professional certifications are considered a plus, as:
- OSCP: Offensive Security Certified Professional
- CEPT: Certified Expert Penetration Tester
- GPEN: GIAC Penetration Tester
- GWAPT: GIAC Web Application Penetration Tester
- GCPN: GIAC Cloud Penetration Testing
- CPENT: Certified Penetration Testing Professional
- C|EH: Certified Ethical Hacker
- CRTOP: Certified Red Team Operations Professional
- Other equivalent certification
You will bring a **Track Record **of relevant activities/personal achievements, such as:
- Participation in Bug Bounty/VDP, with evidence of relative rewarded bug reports
- Technical writeups of detected vulnerabilities (e.g., Bug Bounty reports, zero-days, EDR bypasses, WAF bypasses, etc.,)
- GitHub personal repository and publications relative to offensive security (e.g., custom developed tools)
- Other publications in the field of offensive security (e.g., personal website, personal blog, newspaper, etc.,)
- Video making and/or streaming of content relative to offensive security, on common platforms such as YouTube or Twitch
- Community Engagement
You are **fluent in English **and at least another European language and you have outstanding analytical and conceptual skills.
**If you are interested to work in a dynamic environment with lots of interactions and exposure, then this might be the right role for you**
**Don’t miss the chance to apply**
**How to be successful in the role and at Ferrero**:
Consumers, quality and care are at the heart of eve
-
Cyber Defense Support Specialist
il y a 3 semaines
Luxembourg, Luxembourg RTL Group BCE Temps pleinRTL is Europe's leading entertainment brand standing for entertainment, independent journalism, inspiration, energy and attitude. With our TV channels, streaming services, radio stations and online platforms in Germany, the Netherlands, France, Hungary and Luxembourg, we reach millions of people across Europe every day. Do you value team spirit and a...
-
Research and Development Specialist in Cyber Policy
il y a 2 semaines
Luxembourg Université du Luxembourg Temps pleinThe Department of Law of the Faculty of Law, Economics and Finance of the University of Luxembourg is looking for a Research and Development specialist to conduct research in cyber policy.Your Role...The Research and Development specialist will be working under the supervision of Professor Niovi Vavoula. In particular, the R&D Specialist will be in charge...
-
Research and Development Specialist in Cyber Policy
il y a 2 semaines
Luxembourg, Luxembourg Université du Luxembourg Temps pleinThe Department of Law of the Faculty of Law, Economics and Finance of the University of Luxembourg is looking for a Research and Development specialist to conduct research in cyber policy.Your Role...The Research and Development specialist will be working under the supervision of Professor Niovi Vavoula. In particular, the R&D Specialist will be in charge...
-
Cyber Defense Support Specialist
il y a 1 mois
Luxembourg RTL Group BCE Temps pleinRTL is Europe’s leading entertainment brand standing for entertainment, independent journalism, inspiration, energy and attitude. With our TV channels, streaming services, radio stations and online platforms in Germany, the Netherlands, France, Hungary and Luxembourg, we reach millions of people across Europe every day. Do you value team spirit and a...
-
Cyber Defense Support Specialist
il y a 4 semaines
L1543 Luxembourg RTL Group Temps pleinCompany description:RTL is Europe's leading entertainment brand standing for entertainment, independent journalism, inspiration, energy and attitude. With our TV channels, streaming services, radio stations and online platforms in Germany, the Netherlands, France, Hungary and Luxembourg, we reach millions of people across Europe every day. Do you value team...
-
Cyber Security Intern
il y a 4 semaines
Luxembourg, Luxembourg Deloitte Luxembourg Temps pleinDeloitte provides a broad range of cyber security services to respond to a fast-paced and ever-changing environment. Our cyber security specialists have hands-on experience not only in assessing complex networks and systems, but also in designing and implementing information security governance and transformation programs. As a cyber-security trainee, you...
-
Cyber Security Intern
il y a 4 semaines
Luxembourg Deloitte Luxembourg Temps pleinDeloitte provides a broad range of cyber security services to respond to a fast-paced and ever-changing environment. Our cyber security specialists have hands-on experience not only in assessing complex networks and systems, but also in designing and implementing information security governance and transformation programs. As a cyber-security trainee,...
-
Vie Cloud Development Specialist
il y a 4 semaines
Luxembourg BNP Paribas Temps pleinVIE CLOUD DEVELOPMENT SPECIALIST - LUXEMBOURG, H/F (NUMÉRO DE L'EMPLOI : !V_BGL_0007) **VIE Cloud Development Specialist - Luxembourg, H/F** **Concrètement votre quotidien ?** Vous contribuerez aux études relatives à l'évolution des processus ou outillage au cœur des déploiements sur le cloud: - Alignement avec les outils d'intégration continue...
-
Spécialiste en gestion d'identité et d'accès
il y a 7 jours
Luxembourg, Luxembourg GovJobs Temps pleinStatut : Employé de l'État Qui recrute ? Banque centrale du Luxembourg Missions En tant que contributeur clé et membre de l'équipe ITsec (domaine Identity and Access Management), vous contribuez à l'exécution du projet IAM dans le contexte du programme de cyber-résilience.Le spécialiste IAM définit et met en œuvre des mesures de sécurité IAM...
-
Cybersecurity Specialist
il y a 4 semaines
Luxembourg Uni Systems Temps pleinPart of the team that ensures cyber security, quickly reacts in the event of incidents and develops policies for the security of the IT systems. - Contribution to IT Security Management activities: - Draft policies, standards, guidelines; - Contribute to performing market reviews, products analyses, studies; - Contribute to user awareness programs; -...
-
Spécialiste en gestion d'identité et d'accès
il y a 7 jours
Luxembourg GovJobs Temps pleinStatut : Employé de l'État Qui recrute ? Banque centrale du Luxembourg Missions En tant que contributeur clé et membre de l'équipe ITsec (domaine Identity and Access Management), vous contribuez à l'exécution du projet IAM dans le contexte du programme de cyber-résilience. Le spécialiste IAM définit et met en œuvre des mesures de sécurité IAM...
-
Compliance Officer
il y a 4 semaines
Luxembourg Rutherford Temps pleinLocation: Luxembourg - Sector: Compliance - Job type: Permanent - Contact: Tevia Kretzmer - Contact phone: 020 3778 0852 - Job ref: KRT11814 - Published: 29 days ago - Expiry date: 2023-04-22 **Our Client**: Rutherford Search have been mandated on an exciting opportunity for a Compliance Officer to join a rapidly growing technology focused investment...
-
Security and Risk Management Specialist
il y a 4 semaines
Luxembourg Investify S.A. Temps pleinSecurity and Risk Management Specialist Über investify TECH Wir sind ein FinTech im Herzen von Köln und Luxemburg mit großartigen Menschen, genialer Geschäftsidee und gemeinsamem Spirit. Bei uns kannst Du zeigen, was in Dir steckt! investify TECH ist der erste volldigitale und gleichzeitig individuelle Vermögensverwalter. Standorte sind...
-
Compliance Officer
il y a 4 semaines
Luxembourg Rutherford Temps pleinLocation: Luxembourg - Sector: Compliance - Job type: Permanent - Contact: Tevia Kretzmer - Contact phone: 020 7183 0545 - Job ref: KRT36030 - Published: about 13 hours ago - Expiry date: 2025-03-18 **Our Client**: Rutherford Search have been mandated on an exciting opportunity for a Compliance Officer to join an alternative investment firm in their...
-
Compliance Officer
il y a 4 semaines
Luxembourg Rutherford Temps pleinLocation: Luxembourg - Sector: Compliance - Job type: Permanent - Contact: Tevia Kretzmer - Contact phone: 020 7183 0545 - Job ref: KRT36030_1 - Published: about 10 hours ago - Expiry date: 2024-05-17 **Our Client**: Rutherford Search have been mandated on an exciting opportunity for a Compliance Officer to join an alternative investment firm in their...