Senior Cyber Security Engineer / Pentester

About the job

• Supporting projects in the information security environment by contributing cybersecurity expertise.
• Conducting penetration tests and simulated cyber-attacks within the system network, including documenting vulnerabilities and threats.
• Performing security reviews, analyses, audits, and assessments on systems and within the system network, including documenting vulnerabilities and threats.
• Conducting source code analyses of applications, including documenting vulnerabilities and threats.
• Designing and developing secure data storage, communication, and access procedures and infrastructures, including encryption and authentication methods.
• Supporting IT security incidents (incident response) through technical analyses (forensics & reverse engineering) and targeted threat actor hunting (threat hunting).
• Supporting the implementation of improvement measures and training employees on security issues.
• Planning and conducting pilot tests and proofs of concept.

• Very good skills and independent initiative in enumeration, privilege escalation, and lateral movement in blackbox penetration tests
• Experience in software development and source code analysis for whitebox penetration tests
• Scripting skills for automation and report generation, preferably in Python
• Flexibility in analyzing systems and networks of different classification levels, pragmatism in evaluating measures and risks of findings
• Willingness to travel throughout Switzerland for penetration tests (airgapped systems)
• Practical penetration testing certifications are a strong advantage (OSCP+, OSCE, HTB CPTS, HTB CWEE, HTB CAPE, CRTO, etc.)
• Experience in reverse engineering malware, firmware, and software is a strong advantage
• Regular participation in CTFs or security research (CVEs) is a strong advantage
• Good German skills, English and French are an advantage

About 3000 employees of RUAG and RUAG Real Estate make a significant contribution to the security of Switzerland every day. They ensure that the Swiss Army as well as other operational and security organizations can fully perform their tasks at all times.

• Very good skills and independent initiative in enumeration, privilege escalation, and lateral movement in blackbox penetration tests
• Experience in software development and source code analysis for whitebox penetration tests
• Scripting skills for automation and report generation, preferably in Python
• Flexibility in analyzing systems and networks of different classification levels, pragmatism in evaluating measures and risks of findings
• Willingness to travel throughout Switzerland for penetration tests (airgapped systems)
• Practical penetration testing certifications are a strong advantage (OSCP+, OSCE, HTB CPTS, HTB CWEE, HTB CAPE, CRTO, etc.)
• Experience in reverse engineering malware, firmware, and software is a strong advantage
• Regular participation in CTFs or security research (CVEs) is a strong advantage
• Good German skills, English and French are an advantage

• Supporting projects in the information security environment by contributing cybersecurity expertise.
• Conducting penetration tests and simulated cyber-attacks within the system network, including documenting vulnerabilities and threats.
• Performing security reviews, analyses, audits, and assessments on systems and within the system network, including documenting vulnerabilities and threats.
• Conducting source code analyses of applications, including documenting vulnerabilities and threats.
• Designing and developing secure data storage, communication, and access procedures and infrastructures, including encryption and authentication methods.
• Supporting IT security incidents (incident response) through technical analyses (forensics & reverse engineering) and targeted threat actor hunting (threat hunting).
• Supporting the implementation of improvement measures and training employees on security issues.
• Planning and conducting pilot tests and proofs of concept.