Business Unit: EDP ENERGIAS DE PORTUGAL
EDP is a global energy company that leads based on the values of Innovation, Sustainability and Humanization. Using the technology of the future we create solutions highly focused on the needs of our people and our customers, never neglecting our role and contribution to society.
The Digital Global Unit (DGU) is an area of EDP SA and its mission is to challenge the organization to think differently and go beyond, in a context of increasingly frequent and faster technological, economic and social changes, creating and disseminating a digital friendly culture, favorable to the development and experimentation of new solutions that create value for the various stakeholders of the EDP Group. To support us in this role, we intend to support us in this role, we intend to recruit for the Offensive Security team, this team is part of the Security Ops department.
This profile will be part of the team responsible for the global management of vulnerabilities in the EDP Group.
Produce regular and on demand security validations;
Collaborate in the development of the offensive security pipeline;
Planning, scoping and delivery of the monthly security testing schedule and ad-hoc penetration testing for the entire applications and infrastructure estate, in line with EDP standards;
Carry out appropriate follow-up activities with stakeholders to ensure vulnerability remediation;
Maintain and update the penetration testing framework documentation;
Compilation of vulnerability reports and dashboards.
Looking for people with the following requirements:
Bachelor’s Degree or Master’s in Computer Engineering, Computer Security or similar;
Minimum 3 years’ experience in similar functions;
Experience in vulnerability management, ensuring we develop secure code from the ground up;
Knowledge and experience in managing the major vulnerability management methodologies: OWASP, OSSTMM, OWISA, etc;
Knowledge of vulnerability management tools such as Tenable or Probely
Perform and collaborate with others on security-focused code review;
Assist teams in reproducing, screening and handling application security vulnerabilities;
Disseminate security and secure development practices.
Knowledge and experience in vulnerability management in OT and IoT systems;
Value specific security certifications such as CEH and/or OSCP;
Proven experience in capture-the-flag events (CTFs), bug hunting or vulnerability research (CVEs) will be valued;
Knowledge of secure source code analysis tools;
Knowledge of Cloud Security Posture Management tools;
Knowledge of cyber threat intelligence (CTI) and OSINT tools;
Knowledge of Cloud Security;
Knowledge of Information Security Management Systems (ISO/IEC 27001);
Knowledge of General Data Protection Regulation (GDPR).
Strong critical and analytical skills;
Planning and organizational skills.
Position Overview: We are looking for an Experienced Project Manager for our Global Blade Manufacturing Department with experience in leading...Apply For This Job
Process Engineer (Electrolyzer) Envision Energy is a leading green-tech company with presence in Europe, North America, and Asia. With the...Apply For This Job
The Field Applications Engineer (FAE) supports our customer’s engineering teams in evaluation and design-in of power, analog, mixed signal and...Apply For This Job
JOB DESCRIPTION The Electrical engineer will be responsible for the design and engineering of the electrical infrastructure of the microgrid,...Apply For This Job
Job Description Fluence, the global market leading energy storage technology company, is looking for an Energy Storage Sales Engineer to...Apply For This Job
TASKS Manage external engineering firms, subcontractors and internal engineering disciplines (civil, electrical, network, permitting) to achieve on time, on budget,...Apply For This Job