Job Description: DXC Technology is a global professional services company whose mission is to lead the digital transformation of our clients by advising and guiding them in the application of technology to obtain the best results and increase the competitiveness of their companies. With more than 130,000 professionals and expert technologists, collaborating in more than 70 countries together with an exceptional network of partners, we offer advanced IT services and solutions.
In Spain, we are one of the main leaders in the IT market. We have nearly 8,000 professionals, distributed in thirteen locations, with centers of excellence in cutting-edge technologies such as Cloud, Business Intelligence, AI, or Automation among many others, serving more than 200 customers from all industries in the public and private sectors. We work with leading companies in the country that trust us to guide their digital transformation.
We develop active policies of diversity and inclusion of people with disabilities and we are proud to have a representation of approximately 49% of female professionals.
At DXC Spain we are looking for a Pentester Lead to join our great team of Security Iberia. Job Description The Iberia Cybersecurity Team is looking for a professional with high tech experience in pentest exercises and valuable in red team exercises. We want to reinforce our offensive services by energizing a new offensive unit in Iberia; for this reason experience in business aspects, team leadership and contact with clients is highly valued.
Requirements: Experience in offensive cybersecurity, including penetration testing and/or red teaming. Experience in pentest and/or red team exercises. Advanced English level and good communication skills, able to address stakeholders of varying technical backgrounds. Stay up to date with the latest trends in the offensive field of cybersecurity. Knowledge of persistence tools and Command and Control platforms, such as Cobalt Strike or Empire. Experience with initial access and reconnaissance tools, including Blood Hound. Experience in bash/shell scripting, Python, and other programming languages. Experience with credential extraction and lateral movement tools and techniques, such as Mimikatz, CrackMapExec, SharpRDP, or similar. Familiarity with security frameworks and methodologies such as MITRE ATT&CK, Cyber Kill Chain, OWASP, and NIST. Tasks: Offering guidance and mentoring to adjacent teams and team members. Understanding the purpose of the assets to be pentested, learning their business relevance, and identifying worst-case scenarios for focused exploitation. Executing penetration test activities, documenting all actions, and employing current TTPs used by real-world attackers. Documenting penetration test results, including technical documentation. Presentation of results to clients at different levels. Assisting clients in understanding exploitation findings and proposing remediation recommendations and best practices. Developing attack strategies and tactics tailored to clients' specific environments based on Threat Intelligence. Researching and developing new tools and techniques for intrusion exercises. Identifying and exploiting vulnerabilities in client systems, applications, and networks. Active collaboration with the pre-sales team to boost the business. Support in business development, portfolio standardization and incorporation of new team members. Nice to have: Certifications such as CEH, OSCP, OSWE, GPEN, or other equivalent security certifications. Programming skills in Python, C#, C/C++, Go, etc. Applied security research experience. Application security threat modeling. Experience in the development of business offers to clients. Experience in commercial meetings. What will you find at DXC? Challenge of leading one of the parts of the portfolio focused on growth in DXC. Professional development. Leading projects in market reference clients. Excellent work environment. Flexibility and work-life balance. Work with leading technologies within the IT sector. Access to DXC University with unlimited certifications. Social and responsible commitment. Stable employment. Social benefits.
#J-18808-Ljbffr
