Company Description
SGS Brightsight is the world’s largest independent security evaluation lab, with accredited facilities across the globe. Our teams in Delft (The Netherlands), Barcelona and Madrid (Spain), Meyreuil (France), Beijing, Shanghai and Guangzhou (China), Singapore, and the USA are dedicated to helping companies ensure their products comply with the latest security regulations and requirements. With over 35 years of experience in evaluating IT products across various industries, we work at the forefront of security, evaluating products against stringent governmental and private standards.
At SGS Brightsight, our knowledge-driven environment is powered by professionals from diverse technical backgrounds. We pride ourselves on fostering an open, ambitious, and international atmosphere that values continuous growth. More information about our work can be found at SGS Brightsight: Security Evaluation Lab.
Job Description
We are seeking a highly skilled and detail-oriented professional to join our team as a cybersecurity evaluator. You will join a multidisciplinary team to execute security evaluations on state-of-the-art network products (firewalls, routers, switches…), security services (EDR, EPP, SIEM, IDS-IPS...), operating systems, applications, etc.
Responsibilities
Perform comprehensive evaluations of information technology products based on international standards like Common Criteria or LINCE standards.
Review and analyze security documentation, including security policies, specifications and test plans
Conduct thorough assessments of security functionality, vulnerability analysis and risk management practices
Utilize testing tools, methodologies and frameworks to assess the security of products
Prepare detailed evaluation reports outlining findings, analysis and recommendations Stay updated on the latest developments in the field of Common Criteria and security evaluation methodologies
Participate in the improvement and development of evaluation processes, methodologies and best practices Provide guidance and support to internal teams reg
Qualifications
Must
Experience and focus on cybersecurity
You have a bachelor's or master's degree in a technical field of study (computer science, telecommunications, electronics, physics, mathematics)
You have strong analytical and problem-solving skills with attention to detail
You can work effectively both independently and collaboratively in a team environment
You have strong organizational skills with the ability to prioritize tasks and meet deadlines You have English language skills
Desired
Experience with cybersecurity tooling such as Nmap, Nessus, Wireshark, Burp, Scapy, etc.
Solid understanding of security principles, cryptographic algorithms and security protocols
Experience in the defense and aerospace sectors
Strong understanding of tactical communication systems, secure military communications, and associated cybersecurity requirements.
Knowledge/experience in ISO27001, Common Criteria, SESIP, PSA, CSA, LINCE, MEMEC, CICLON, NESAS, PCI
Knowledge/experience in Smartcards, HSM, ARM, cryptography, web, networking technologies
Experience in conducting security evaluations, vulnerability assessments or penetration testing
Additional Information
Competitive salary package based on your experience and capabilities
Complete training plans and a supportive work environment
Multicultural team with highly motivated colleagues from all over the world
Work for the recognized global leader in security evaluations
Work with all major developers on their latest innovations
Enjoy an informal and intellectually challenging work environment