Penetration Testing Engineer

Landis+Gyr is a leading global provider of integrated energy management solutions. We measure and analyze energy utilization to generate empowering analytics for smart grid and infrastructure management, enabling utilities and consumers to reduce energy consumption. Our innovative and proven portfolio of software, services and intelligent sensor technology is a key driver to decarbonize the grid. With sales of USD 1.7 billion in FY 2022, Landis+Gyr employs over 7,000 talented people across 30 countries and five continents.

For more than a century, we've been pioneers in energy innovation, and we continue to lead the way toward a more sustainable and efficient energy landscape.

Join us at Landis+Gyr, where we manage energy better - since 1896.

Landis+Gyr seeks to hire a Penetration Testing Engineer (m/f/d) to join the Global Product Security team within the CISO organization. The Penetration Testing Engineer will coordinate internal and external penetration tests for Landis+Gyr, manage metrics related to the penetration tests and drive remediation and retesting of vulnerabilities. This individual will also collaborate with our product teams to identify and prioritize security vulnerabilities in our products and ensure that those are remediated within the project timeline.

Location: Czech Republic

About your future role:

• Effectively plan, develop, track and report internal and external penetration tests of APIs, web applications, cloud services, devices, and infrastructure.
• Identify global pen test needs based on the risk assessment and feedback from stakeholders.
• Engage with stakeholders and vendors to ensure that penetration testing is scheduled and properly scoped.
• Manage and track open vulnerabilities identified through penetration tests and drive their remediation by working with various cross-functional teams.
• Coordinate retesting of identified vulnerabilities.
• Support the Secure-Software Development Lifecycle (S-SDLC) by ensuring various security tools are integrated into our development processes, identifying, and prioritizing product vulnerabilities and assisting developers in remediating the vulnerability findings by providing guidance.
• Engage in application and domain-specific threat modeling and attack surface analysis and reduction.

About our Expectations:

• BS in Computer Science, Engineering or equivalent with 3-5 year’s relevant experience
• Demonstrated programming knowledge – Java, C#, C, C++ or Python
• Experience with SAST, DAST, SCA and penetration testing tools such as Sonarqube, Mend, AppScan, OWASP ZAP, Kali Linux, etc. as well as working with CI/CD and Infrastructure-as-Code tools: Jenkins, Gitlab, Terraform
• Comfortable working in both on-prem and cloud environment (preferably GCP)
• In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10, IoT Top 10 and SANS Top 25
• Knowledgeable in product/application security architecture – Service oriented architecture (SOA), Network security, Application security, PKI, Web services, REST APIs, Zero Trust design, Cloud Security
• Encryption knowledge, HSM (Hardware Security Modules)
• Excellent written and oral communication and presentation skills
• Relevant security certifications such as OSCP, CEH, etc.

Why Choose Us?

It’s an exciting time to be part of our team. With us, you’ll have the opportunity to grow professionally and personally within collaborative international environment. We offer you:
•   Exciting and challenging role with global collaboration and interesting projects
•   Pleasant working atmosphere with team work culture and accountability
•   Long-term full-time employment in a successful and innovative corporate environment

•   Motivating benefits package 

If you have the drive and enthusiasm to accept this challenge and to work in a very dynamic, cross functional and international environment, we are looking forward to meeting you. Click apply now.

We're committed to shaping a better future for everyone. #EnergizeYourCareer and join us on our journey towards a greener tomorrow.