Cyber Security Engineer / Pentester

About the job

• Supporting projects in the information security environment by contributing cybersecurity expertise
• Conducting penetration tests and simulated cyber-attacks within the system network, including documenting vulnerabilities and threats
• Performing security reviews, analyses, audits, and assessments on systems and within the system network, including documenting vulnerabilities and threats
• Conducting source code analyses of applications, including documenting vulnerabilities and threats
• Carrying out design and development work for secure data storage, communication, and access procedures and infrastructures, including encryption and authentication methods
• Supporting IT security incidents (incident response) through technical analyses (forensics & reverse engineering) and targeted searches for threat actors (threat hunting)
• Assisting in the implementation of improvement measures and training employees on security issues
• Planning and conducting pilot tests and proofs of concept

• Very good skills and independent initiative in enumeration, privilege escalation, and lateral movement in blackbox penetration tests
• Experience in software development and source code analysis for whitebox penetration tests
• Scripting skills for automation and report generation, preferably in Python
• Flexibility in analysing systems and networks of different classification levels, pragmatism in the evaluation of measures and risks of findings
• Willingness to travel throughout Switzerland for penetration tests (air-gapped systems)
• Practical penetration testing certifications are a strong advantage (OSCP+, OSCE, HTB CPTS, HTB CWEE, HTB CAPE, CRTO etc.)
• Experience in reverse engineering of malware, firmware, and software and regular participation in CTFs or security research (CVEs) are a strong advantage
• Good German skills, English and French are an advantage

About 3000 employees of RUAG and RUAG Real Estate make a significant contribution to the security of Switzerland every day. They ensure that the Swiss Army as well as other operational and security organisations can fully perform their tasks at all times.

• Very good skills and independent initiative in enumeration, privilege escalation, and lateral movement in blackbox penetration tests
• Experience in software development and source code analysis for whitebox penetration tests
• Scripting skills for automation and report generation, preferably in Python
• Flexibility in analysing systems and networks of different classification levels, pragmatism in the evaluation of measures and risks of findings
• Willingness to travel throughout Switzerland for penetration tests (air-gapped systems)
• Practical penetration testing certifications are a strong advantage (OSCP+, OSCE, HTB CPTS, HTB CWEE, HTB CAPE, CRTO etc.)
• Experience in reverse engineering of malware, firmware, and software and regular participation in CTFs or security research (CVEs) are a strong advantage
• Good German skills, English and French are an advantage

• Supporting projects in the information security environment by contributing cybersecurity expertise
• Conducting penetration tests and simulated cyber-attacks within the system network, including documenting vulnerabilities and threats
• Performing security reviews, analyses, audits, and assessments on systems and within the system network, including documenting vulnerabilities and threats
• Conducting source code analyses of applications, including documenting vulnerabilities and threats
• Carrying out design and development work for secure data storage, communication, and access procedures and infrastructures, including encryption and authentication methods
• Supporting IT security incidents (incident response) through technical analyses (forensics & reverse engineering) and targeted searches for threat actors (threat hunting)
• Assisting in the implementation of improvement measures and training employees on security issues
• Planning and conducting pilot tests and proofs of concept