Address
Form of work
SalaryInfrastructure Penetration Tester
Objective
The primary objective is to uncover vulnerabilities within both new and existing technical infrastructures and systems.
Penetration Test Scenarios
The penetration test may encompass various scenarios, including:
Source - Internal and external (from the internet) penetration testing.
Approach-
- White-box (all information available)
- Grey-box (some internal information)
- Black-box (no information)
- **Methodology**:
- Cautious (discovery, enumeration, vulnerability mapping)
- Aggressive (exploitation of vulnerabilities, denial of service)
- Technique: Network-based testing. Host-based testing and social engineering are typically excluded from this type of testing.
Scope
- Servers on internal and DMZ networks with various operating systems (Windows, Unix, Linux).
- Cloud services and hybrid systems.
- Proprietary systems and technologies (e.g., Industrial Control Systems - ICS).
- Configuration and behavior of network and security appliances (firewalls, routers, intrusion detection systems).
- Network and application services on network-attached systems (DNS, FTP, SSH, Telnet, NTP, SNMP, HTTP, LDAP, JDBC, ADDS, NFS, SMTP).
Host-Based Audit (and Compliance Check)
This involves assessing the security status of individual hosts, including:
- Patch-level status
- Enumeration of network services
- Gathering security-relevant settings (account privileges, user authentication settings, audit and logging policies)
- Validation of hardening guidelines
- Identifying exploits
Social Engineering Testing
The aim is to identify vulnerabilities affecting confidentiality and/or integrity related to employees' adherence to procedures and security best practices. Techniques include, but are not limited to:
- Direct personal contact
- Phone contact (both internal and external)
- Email (both internal and external) with phishing URLs
- USB drops
Candidates must be able to speak french,dutch and english
### Technical Knowledge
#### Essential Technical Knowledge
- Network technologies (Ethernet, Wi-Fi, fiber channel, Bluetooth) and protocols.
- Authentication technologies and mechanisms (for both user and machine).
- Encryption techniques.
- Operating systems (Windows, Linux, Solaris).
- Cloud services (e.g., Microsoft stack).
- Cloud architecture and principles, including interconnectivity and interoperability between systems, services, and applications.
- Cloud, on-premise, and hybrid topologies.
- Microservices.
- Enterprise service bus architecture (including API-gateway).
- Proprietary systems and protocols, including industrial control systems (ICS) and supervisory control and data acquisition (SCADA).
- Common attack techniques and methods to bypass security controls.
- Scripting (Bash, Python, PowerShell).
Beneficial Technical Knowledge
- Network design and architecture.
- Multi-layered security (defense in depth) principles.
- Programming languages.
- Database systems (e.g., Microsoft SQL, Oracle Database).
- Middleware (e.g., Web Application Servers, Enterprise Service Bus, Business analytics tools, ETL).
Education and Experience
The proposed consultant must have extensive professional experience, including:
- At least 10 years as an Infrastructure Penetration Tester.
- At least 5 years with critical infrastructure.
Special Conditions
- Each candidate for the Infrastructure Penetration Tester role must have a "secret" clearance level (Belgian or equivalent).
