Stellenangebot Firmenprofil

Finde jetzt den perfekten Job für Dich Jetzt Job finden

erweiterte Suche

The Generali Operations Service Platform (GOSP) supports the Generali Group in optimizing its digital services, its service quality and the creation of synergies. GOSP uses common technology platforms for the Group. As a joint venture partner, Accenture provides expertise to support transformation, innovation and scaling. GOSP develops solutions for digitalization and the introduction of a cloud-centric model. GOSP includes IT infrastructure, procurement, and security operations, among others.


Aufgaben

We are "Generali Operations Service Platform" (in short GOSP). In our core we are the global internal IT infrastructure provider for the Generali group with branches in six countries working closely together in international teams composed of colleagues from Italy, Germany, France, Austria, Czech Republic and Hungary. We are also providing global procurement services and IT-application services all over Europe. To strengthen the Vulnerability Management & Prevention unit, we are looking for you as Senior Vulnerability Analyst and Penetration Tester (m/f/d).

The team reports directly to the head of Cyber Security of GOSP and is responsible to implement the governance framework and related IT solutions required to effectively execute Vulnerability Management practice for GOSP and its customers inside the Generali Group.

The activities encompass:

  • Execution of periodical vulnerability assessment on both internal and external perimeter, leveraging enterprise solutions
  • Execution of web application and penetration tests

Your tasks:

  • Manage and assist the Cyber Security activities in GOSP
  • Establish process and procedure regarding the Secure Software Development Life Cycle
  • Perform and analyse source code (SAST, DAST, IAST)
  • Perform Red Teaming activities in cooperation with GOSP CSIRT based on an agreed cyber threat scenario to validate the detection and prevention capabilities in place; identification of the main weaknesses and vulnerabilities and definition of the remediation actions required
  • Execution of WAPT / PT activities on GOSP infrastructure and / or applications to verify the level of hardening and configuration in place, definition of the mitigation actions for the identified weaknesses
  • Periodical execution of vulnerability assessments both on the internal and external perimeter to identify vulnerabilities affecting GOSP infrastructure
  • Tracking and monitoring of the identified vulnerabilities leveraging the Vulnerability Management tool of GOSP
  • Analysis of newly discovered vulnerabilities / 0days collected both from OSINT and CLOSINT sources, assessing the potential impact on GOSP infrastructure

Profil
  • Degree in Computer Science, IT Security, or equivalent work experience in Information Security
  • 5+ years of experience in vulnerability assessment / penetration tests activities
  • Knowledge of the main market tools and processes to perform vulnerability assessments (e.g. Qualys, Nessus, Nmap)
  • Knowledge on the main penetration testing tools available on the market (e.g. OWASP ZAP, Burp Suite, Metasploit, Wireshark, John The Ripper, sqlmap)
  • Good knowledge of IT networks and protocols, operating systems, web and application server architectures
  • Good knowledge of cyber security strategy adoption and regulation
  • Good knowledge of one or more programming languages (e.g. python, PowerShell, C/C++)
  • Intermediate English (at least CEFR B2, written / spoken)
  • Ability to work in team and to maintain deadlines on assigned tasks
  • Positive attitude and open to learn on the job
  • Passionate about offensive and defensive security
  • Proactive in identifying obstacles and problems that might impact your daily activities
  • Very good problem-solving capabilities

Wir bieten

You will work in a highly-motivated and international team consisting of colleagues all over Europe, mainly located in Italy. You will be in contact with your team members and top management of insurance companies mainly in Europe / Germany.

We offer home office up to 100 % and flexible working hours. As part of the Generali insurance group, we offer extensive social benefits, a company pension scheme and in-house rates.