We test what nobody else tests
Manufacturers, operators and distributors of products often lack incentives and the necessary awareness to have their products tested for weaknesses. This leads to the introduction of insecure products to the market that are not regulated or tested. The National Testinstitute for Cybersecurity NTC identifies and tests such products for vulnerabilities, even without a mandate, in order to reduce the cyber risks they pose.
As a penetration tester, you detect vulnerabilities in digital products and interconnected infrastructures.
Why you should work at the NTC
The NTC is a young and publicly funded non-profit organization. Like in a start-up, you have the chance to get involved and make a difference in all aspects of cybersecurity. Do you want to tackle building up something new and exploring new approaches? Then the NTC is offering you the right playing field to bring to light those vulnerabilities that are of critical relevance for Switzerland. We’re still in the early stages, and we need doers like yourself.
At the NTC, you are well connected and work with strong partners such as the National Cyber Security Centre (NCSC) and leading cybersecurity companies from the business sector. With your hacker mindset, you can identify digital products and infrastructures that urgently need to be examined more closely. The focus is on socially relevant target systems for which there are currently no economic incentives for review. The NTC will close this gap – together with you.
Why you’re the right person
You have some professional experience in cybersecurity and are willing to learn even more. It is even better if you have a bachelor’s or master’s degree in a field of natural sciences or a higher level of ICT vocational education and training.
It would be perfect if you already have experience as a penetration tester or bug hunter. As a developer or systems engineer with a strong flair for hacking, you may also be a very suitable candidate. As such, you have worked on projects with a particular focus on cybersecurity, participated in Capture the Flag Events (CTF’s), played on platforms such as Hack The Box or TryHackMe, or have relevant certifications such as OSCP, OSWE, GXPN, AZ-500, CRTO, etc.