RITZ is currently looking for Cyber Security Specialists for permanent positions.

This is a great opportunity for a Cyber Security Specialist to utilize their penetration testing, vulnerability assessment and incident handling skills while joining the international team of experienced Security Professionals.

RITZ is proactively looking to develop the skills of their employees, and will always support this. In the role of Cyber Security Specialist, involvement across all security projects is encouraged to allow exposure to new skills and technologies to help progress career options.

The candidate should be able to demonstrate a thorough understanding of Cyber security and in-depth knowledge and experience around computer networking fundamentals, modern threats and vulnerabilities, attack methodologies and penetration testing tools. To be successful in this role, the candidate will need to have a proven track record in leading advanced network exploitation operations

Required qualifications:

• Strong understanding of networking fundamentals (all OSI layers, protocols, etc.)
• Strong understanding of Windows/Linux/Unix operating systems.
• Strong understanding of Penetration testing methodologies and tools.
• Strong understanding of operating system and software vulnerabilities and exploitation techniques.
• Strong understanding of web application vulnerabilities and exploitation techniques, covering the OWASP Top 10 as a minimum.
• Strong knowledge of and experience with commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post-exploitation
• Ability to deliver high quality reporting on technical issues identified and providing remediation guidelines.

Preferred qualifications:

• Master or Bachelor Degree in Engineering or Technology related fields a major plus.
• Relevant security to certifications such as CEH, Offensive Security (OSCP, OSCE), SANS (GPEN, GXPN) or equivalent strongly desired.
• Knowledge of malware packing, obfuscation, persistence, exfiltration techniques.
• Knowledge and experience in using interpreted languages (Ruby, Python, Perl, etc.) and/or compiled languages (C, C++, C#, Java, etc.)

Requirements:
• Experience of all aspects of penetration testing in a commercial and/or government environment with Infrastructure or Web Applications disciplines.
• Experience of all aspects of Incident Response, Cyber Forensic and Event Management.
• You will be highly technical with a deep knowledge of penetration testing techniques, methodologies and tools across the disciplines.
• Experience with using a variety of network security testing tools and exploits to identify vulnerabilities and recommend corrective action, as well as experience of manual penetration testing and an understanding of IP Networking in a security context
• Experience in developing in house tools / scripts to improve delivery and facilitate testing operations.
• Ability to perform targeted, covert penetration tests with vulnerability identification, exploitation and post-exploitation activities with no or minimal use of automated tools.
• Well versed in security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others.
• Knowledge of application reverse engineering techniques and procedures.
• Understanding of government, financial sector, or other large organization, security and IT infrastructures.

Other skills:

• Excellent English in reading, writing and speaking.
• Excellent written and verbal communication skills coupled with an acute attention to detail in report writing.
• Ability to articulate and visually present complex penetration testing
• Ability to work effectively independently and in a team.
• Ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective.
• Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of