We’ve noticed that:

  • For security specialists is so difficult to find a job that allows to put their skills to the test and always find & learn the latest things from the industry
  • For companies is always a challenge to find reliable security professionals to hire or simply to collaborate project based

Two years ago we have created a place where we can announce latest positions available from our trusted partners.

Discover Who is Hiring at DefCamp 2018

Discover Who Hired in 2016.

Discover Who Hired in 2017.

Orange

What the team does:

We are a small security team offering security services to most of the countries/entities across the Orange Group. We have both attack (like pentesting) and defense (like DevSecOps) activities and we also do research.

If we would be a word cloud, it would sound something like: Kali, Burp, Python, HackRF, OpenStack, Docker, Kubernetes, OWASP, Ruby, appsec, REST, open source.

What you would be doing:

First and foremost, pentesting. You would be involved in all our pentest engagements, from kick-off to the report. Our targets are quite varied, you can have from small web apps to entire payment platforms, IoT devices and XaaS platforms.

When you won’t be pentesting you’ll mostly be doing other kinds of security assessments, like vulnerability scans or configuration audits. You will also help other teams with advice on how to best secure their systems and probably, if you’re up to it, you’ll also work on developing our arsenal by writing our own tools that match our environment.

What you need:

Essential:

  • Curiosity, a hacker mindset
  • A deep understanding of the TCP/IP stack and of how (at least) web applications work
  • Experience with pentesting and/or vulnerability research,
  • The ability of working your way in an almost 100% *NIX environment
  • People skills. There’s little use in popping a shell if you can’t explain why that’s bad and how to fix it
  • The necessary skills to write your scripts/tools to automate your work

Great to have:

  • Full stack development understanding and skills
  • One or more of the following certifications: OSCP, GPEN, GWAPT, C|EH (OSCP would be great though)
  • IoT-related skills

Crowdstrike


CrowdStrike is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. We are the fastest growing endpoint protection company, one of the World’s Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success. The CrowdStrike Falcon platform uses sophisticated signature-less artificial intelligence/machine learning and Indicator-of-Attack (IOA) based threat prevention to stop known and unknown threats.

 CrowdStrike Accomplishments:

  • January 2018: Awarded #1 in the Visionaries quadrant of the 2018 Gartner Magic Quadrant for Endpoint Protection Platforms.
  • February 2018: Great Place to Work

Job purpose

Are you passionate about cybersecurity? Join our Security Response Team from Romania and you will focus on improving the detection capability and efficiency for the Falcon Host platform through tactical analysis of ongoing attacks by investigating petabytes of data.

 You will:

  • Review and develop detections that adhere to company performance and security standards
  • Analyze files and behavioral activity to determine if they are legitimate or malicious.
  • Contribute to active mitigation efforts and support incident response engagement with technical expertise.
  • Analyze and track ongoing criminal campaigns targeting CrowdStrike customers.
  • Develop tools to assist with automation of analysis tasks and tracking of threat actors.

What we need:

  • Sound understanding of current and emerging threats and ability to demonstrate practical knowledge of security research
  • Experience working with and manipulating large data sets (i.e. billions of events per day).
  • Experience in a security operations center or similar environment tracking threat actors and responding to incidents.
  • Fundamental understanding of attributes of binary files on multiple operating systems (Windows, MacOS, Linux)
  • Knowledge of programming and scripting languages, in particular Python.

Bonus points awarded for:

 

  • Good understanding of Windows OS internals and the Windows API.
  • Familiarity with tools used in targeted and criminal intrusions.
  • A background in exploit and vulnerability analysis is a plus.
  • Knowledge of a variety of programming languages including C, C++, Java, and Assembly.
  • General understanding of threat/risk management and threat/risk assessment.
  • Experience with malware analysis tools and reverse engineering (with IDA Pro)
  • Knowledge of machine learning, and labelling applied to malware classification
  • Experience with the following tools: Windows Debuggers (Ollydbg, WinDbg), Wireshark
  • BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field

What we offer:

  • Competitive salary
  • Stock options
  • Private Healthcare insurance
  • Life insurance
  • Training budget
  • Flexible time off
  • Team hangouts

WHY US?

  • Dynamic company with opportunities to expand skills and cross train in new areas.
  • Ability to make an impact, both with customers and fellow team members.
  • High visibility engagements and company name enable accelerated career growth potential.
  • Agile team eliminates bureaucracy and provides flexibility to make immediate improvements.
  • Immediate mentorship and leadership opportunities.
  • Work with like-minded, driven, and smart team members who will challenge you daily.
  • Google invested in us, shouldn’t you?

CrowdStrike is an Equal Opportunity employer.  All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. 

Siemens

 If you really want to make a difference – make it with us

Your new role – challenging and future –oriented

• You will evaluate security technologies for protecting products, solutions, and infrastructures
• You will develop and implement innovative security mechanisms for industrial environments
• You will support the setup and commissioning of the implemented security mechanisms
• You will use your knowhow to bridge the gap between legacy industrial systems and new security technologies

Your Qualifications – Solid and Appropriate

• You are interested in testing and prototyping state-of-the-art and beyond security technologies
• C/C++, Bash, Python, Buildroot
• You have successfully majored in a computer science or electrical engineering
• You have distinct knowledge of communication, information, and security technologies
• You are familiar with usage and administration of operating systems (Linux, Windows)
• You have experience with application whitelisting technologies and related Windows 10 security features like Device Guard and Exploit Guard to protect against malware.
• You have proven skills in software development,
ideally also for embedded systems or the Linux kernel
• You are diligent and accurate in performing tasks
• You have an excellent proficiency in English and (ideally) German

Your new role – challenging and future –oriented

• Assess enterprise applications with tool-based and manual penetration testing methods (Web Technologies, Rich Clients, SAP, Networks, protocols)
• Find new vulnerabilities in business applications and prove their relevance with exploits
• Write client reports that detail: approaches for exploiting vulnerabilities, risk evaluation and mitigation suggestions
• Explain vulnerabilities and their impact to technical experts, as well as management personnel
• Perform root-cause analysis and lessons learned with developers and architects to improve security sustainably

Your Qualifications – Solid and Appropriate

• Master’s degree in Computer Science/Information Technology/IT Security
• Minimum 3 to 5 years experience in hands-on penetration testing or red team engagement, current attack methods and tools
• Review and ensure the secure configuration of different operating systems, network and mobile devices
• Experience in analyzing rich clients using debugging, API hooking, fuzzing, etc.
• Proficiency in programming languages such as C/C++, Java, .NET, Python as well as source code review
• Experience in SAP ABAP/Java Stack
• Ability to understand, find, verify and explain security vulnerabilities
• Fluent in spoken and written English, including security terminology

Your new role – challenging and future –oriented

• Develop new features to further extend a security testing framework at Siemens
• Work on software development tasks covering both, Creation of optimal solutions to refine a security testing framework – focus on performance and accuracy
• Create solutions that are designed in a way to be modular and easy to maintain – focus on code quality
• Technology stack: Python 3, Python Flask, Jinja2, SQLAlchemy, Bootstrap, SQLite, PostgreSQL, Ubuntu Linux, Nmap

Your Qualifications – Solid and Appropriate

• Master’s degree in Computer Science/Information Technology;
specialization in IT Security a plus
• Minimum 3 Experience in Python 3 development and system
administration
• Experience in Python 3 development and system administration
• IT security background, such as secure coding, secure IT operations, penetration testing or IT security consulting

Sponsors & Partners

They help us make this conference possible.

Stay Updated - Join Our Newsletter