Penetration Tester

**About us**:
Ivy Partners is a Swiss advisory company that contributes to the evolution of companies in their strategic, technological and organisational challenges.

Our mission is to provide our employees with a fulfilling and supportive career environment, where everyone is valued and empowered through training and opportunities for growth.

As a **Penetration Tester (PenTester)**, you will be in charge of:

- Perform code reviews to identify potential vulnerabilities and exploits.
- Simulate attacks on defined systems to identify weaknesses.
- Search for alternative access and entry options to systems.
- Plan and conduct penetration tests in a structured manner.
- Document all findings comprehensively.
- Evaluate findings according to their risk using known assessment grids such as CVSS (Common Vulnerability Scoring System).
- Provide stage-appropriate information about the results.
- Develop general and specific solution proposals to address identified vulnerabilities.
- Recommend and design strategies to improve overall security posture.
- Conduct re-tests to ensure vulnerabilities have been successfully mitigated.
- Check systems for vulnerabilities according to OWASP (Open Web Application Security Project) standards.
- Ensure all activities are in compliance with established norms and standards.

**Profile**:

- **You are HERMES and/ or TOGAF certified.**:

- Fluent in English, French and/or German is a strong advantage.
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- Experience with scripting and automation tools.
- Knowledge of regulatory requirements and compliance standards (e.g., GDPR, HIPAA).
- Familiarity with cloud security and DevSecOps practices.
- Proven experience as a Penetration Tester or similar role in cybersecurity.
- In-depth knowledge of security standards and best practices.
- Proficiency in various penetration testing tools and methodologies.
- Strong understanding of network protocols, system architecture, and security technologies.
- Experience with code review and understanding of common software vulnerabilities.
- Ability to evaluate risks using assessment grids like CVSS.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills, with the ability to provide clear and concise documentation and reports.
- Relevant certifications (e.g., OSCP, CEH, CISSP) are a plus.

**Ivy, is also about**:
**Care |** We offer a supportive environment where everyone is valued and empowered with training and growth prospect.

**Trust |** Working with us is about establishing a partnership based on trust, professionalism, and transparency at all times.

**Innovation |** We empower effective digital transformation through a unique blend of innovative technology and creative thinking.

**Responsibility |** Community is at the heart of everything we do, and we take that responsibility seriously by working hard to create a positive impact.

**Joining Ivy** means being part of a challenging adventure at every turn