[5786] Penetration Tester 3

Start date: April 2026
Clearance: NATO Secret or equivalent
Location: Mons, Belgium

Requirements:

• Extensive hands-on experience (3+ years) in web application penetration testing
• Proven experience conducting IT infrastructure penetration testing
• Strong capability in network security architecture design
• Demonstrated expertise in identifying and assessing security vulnerabilities across operating systems, software, protocols, and networks
• Experience researching, evaluating, and validating security products and emerging technologies
• Solid system and network administration knowledge across UNIX and Windows environments
• Practical use of penetration testing tools, techniques, and recognised testing methodologies
• Scripting proficiency in at least one of the following: Perl, Python, Ruby, or shell scripting (bash, ksh, csh)
• Deep technical knowledge of:
o System and network security
o Authentication and security protocols
o Cryptography
o Application security
o Malware infection techniques and protection technologies
• Strong ability to evaluate security risks and define effective mitigation and remediation plans
• Proven ability to produce clear, structured technical documentation, including executive summaries, detailed technical findings, and remediation plans tailored to both technical and non-technical stakeholders

Duties:

• Lead and/or actively participate in Red Team and Blue Team operations during NATO military exercises
• Conduct web, infrastructure, and application-level penetration testing
• Perform security design reviews to ensure compliance with NATO policies, standards, and directives
• Provide security consultancy and advisory support to projects, operational plans, and related entities
• Establish and maintain effective communication with key stakeholders, including:
o NCIA Configuration Control Board
o Security Accreditation Boards
o NATO Security Accreditation Authorities
o NCI Agency organisational units supporting accreditation activities
• Deliver security briefings at both executive and technical levels, including presentations to flag officer–level audiences
• In coordination with the Head of the Penetration Testing Cell, ensure proactive collaboration and alignment with internal and external stakeholders