Untested systems are unsecure systems. As a tester, you’ll be testing and validating ENCS members’ critical infrastructures and components to ensure our energy grid security is up to scratch.
As a security tester for ENCS, you’ll need to:
- Perform on-site penetration testing for our members and other power companies
- Conduct vulnerability and risk assessments of power systems architectures
- Help evaluate functional security of critical infrastructure components in the ENCS lab
- Help to drive and implement the ENCS security test strategy by implementing tools for evaluating components against security requirements
Who we’re looking for
To succeed in this role, you’ll need:
- A good understanding of penetration testing and critical infrastructures
- Strong technical skills built over a minimum of 2 years in security testing
- Experience communicating vulnerability results and the ability to write clear testing reports
- High motivation and the ability to think and work independently
- Experience working with customers in a commercial setting
- Fluent English
- Experienced in using nmap, Nessus, Burp and Metasploit
- Deep knowledge of TLS and IPsec protocols and their weaknesses
- Understanding the principles of XSS, SQL-Injections, Memory Corruption & Remote Code Execution
- Familiar with OWASP references
About the job
ENCS is looking for embedded penetration testers. We are helping our members – electricity distribution grid operators – to procure and operate secure devices and we want you to ensure they’re secure. Embedded security testers play a key role through two activities:
- Testing components against security requirements. ENCS offers its members harmonized sets of requirements to procure smart meters, Electric Vehicle Charge Points and RTUs. These cover everything needed to operate a device in an end-to-end secure manner, from encryption and authentication to access control and logging. Penetration testers then ensure that the devices our members choose meet these requirements by developing tests cases and tools and then performing the test projects.
- Penetration testing operational systems. Once a grid operator has procured devices with the right security functionality, it is important that they are configured securely. To assure this, ENCS performs penetration testing across the entire chain, from the central systems to the devices in the field. Embedded security testers play a leading role in this, with a focus on testing the configuration of the embedded devices and the communication with them.
ENCS performs component and system tests for its members throughout Europe. We test technologies including smart meters, in-home load control devices, electric vehicle charging poles, data-concentrators, RTUs, head-end systems, and SCADA servers. ENCS is also involved in many smart grid innovation projects, and testers are expected to stay up to date with the newest communication technologies, including power-line communications and RF mesh networks.
When infrastructure is critical, so is its security. With an ever more connected electricity grid, cyber security challenges are multiplying every day and demand a new way of thinking from security professionals.
Founded in 2012, the European Network for Cyber Security (ENCS) is an independent, non-profit organisation dedicated to enhancing the security of critical energy infrastructures across Europe. Using our network in academia, government and business, we provide cyber security solutions and counsel to utilities and regulators.
By joining ENCS you’ll be part of a small, international team of industry experts making a real difference to critical infrastructure cyber security developments in Europe. From our offices in The Hague you’ll work across Europe, giving you the chance to:
- Work at the forefront of new security developments. Smart grids, electric vehicles, and industrial control systems offer unique security challenges. We are in a leading position to meet these by developing new solutions, finding new classes of vulnerabilities, and setting the standard for smart grid cyber security.
- Protect society. Keeping the grid secure while it is increasingly automated is critical if our society is to transition to renewable energy. ENCS has a unique position to act on behalf of our members to make sure their systems are secure.
- Develop your skills in an international environment. ENCS is a small company taking on big challenges. That creates a unique environment for ambitious talent to grow and take on new responsibilities.
- An attractive salary ( EUR 3500 – EUR 5500 a month based on experience)
- Health insurance contribution
- Pension contribution
- Mobility budget
- Laptop and mobile phone (also for private use)
- A delicious lunch every day with the team
Interested in joining us?
We hope so. Please submit your CV and a supporting cover letter in English outlining why you want to work For ENCS by e-mail to: firstname.lastname@example.org
Please note that an employee screening is part of the interview process. All employees of ENCS need to obtain a Police Clearance Certificate/Certificate of Good Conduct (VOG).+A1:A13.