CrawlJobs Logo
Sopra Steria Logo Sopra Steria · IT - Administration

Pentest Coordinator

Spain, Madrid · Job Posted April 16, 2026
Apply Position
Job Link Share

Job Description

We are looking for a Pentest Coordinator to join our team. The role involves coordinating the full lifecycle of pentesting and SAST services, acting as the primary link between internal Cybersecurity teams and vendors, and ensuring service delivery alignment with internal policies.

Job Responsibility

  • Full-service coordination lifecycle of pentesting and SAST services: Planning: Validate requirements, define scope, and organize kick-off / closing meetings with the Business and
  • Execution: Ensure providers have the necessary credentials, environments, and permissions
  • Monitoring: Track progress, support resolution of blocking point, and ensure adherence to guidelines and good practices
  • Closure: Review reports, validate findings, and coordinate remediation plans
  • Act as the primary link between the internal Cybersecurity teams and pentesting service vendors
  • Ensure service delivery alignment and compliance with internal policies during testing

Requirements

  • From 3 to 5 years (SSr) of proven working experience in cybersecurity fields like vulnerability management, security assessment/testing or application security (mandatory)
  • Experience coordinating activities/services -process oriented, not people oriented- (mandatory)
  • Experience in managing and communicating with vendors
  • Strong knowledge of application security and penetration testing methodologies
  • Familiarity with web, mobile, and API technologies
  • Global knowledge of application security architecture (application layering, DMZs, WAFs, etc.), network segmentation, web application security best practices like development environments (dev, prod, test)
  • Ability to interpret and validate technical reports (important)

What we offer

  • 23 days annual leave
  • Continuous training: technical and transversal skills and languages
  • Life and accident insurance
  • Flexible benefits program (health insurance, meal vouchers, childcare vouchers, mobility, and training)
  • “Privilige Club” access, where you will find deals for several brands
  • Detailed and personalized onboarding
  • Recreational spaces in our offices
  • Companionship and great working environment
  • Opportunity to develop your professional career with an individualized career development plan
Sopra Steria - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Pentest Coordinator

8 matching positions

Security Control Assessor (SCA) Professional– Level IV/Subject Matter Expert (SME)

Arcfield's Cyber programs are expanding and are currently in need of Level IV/ S...
Location
Location
United States , Chantilly
Salary
Salary:
Not provided
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess and be able to maintain a TS/SCI clearance with polygraph
  • BA/BS or higher STEM degree
  • BS 8-10 years of experience, MS 6-8 years of experience, PhD 3-5 years of experience
  • SCA experience
  • Certifications (At least one of the below): CAP, CASP, CISM, CISSP (or Associate), GSCL, CGRC/CAP, Cloud+, CYSA+, GSEC, PenTest+
  • Relevant experience in technical project management
  • Advanced IS security skills and knowledge
  • Familiarity with IA concepts
  • Ability to review and recommend vulnerability and risk levels associated with SW and HW products
  • Practical experience developing and implementing security related directives
Job Responsibility
Job Responsibility
  • Review and assess information systems (IS) for compliance with IC, DoD, and ND guidelines
  • Provide IS security advice and guidance to government and industry partners
  • Advise Information System Owners (ISO) on confidentiality, integrity, and availability impact values
  • Offer technical guidance for Authorization and Accreditation (A&A) responses
  • Evaluate IS threats and vulnerabilities, recommending additional safeguards as needed
  • Support development and implementation of NRO IT-IA-IM policies
  • Contribute to future NRO IS security policy development
  • Conduct site visits and assessments, prepare written reports for government approval
  • Ensure completion of security control assessments for each IS
  • Support RMF process-related presentations, briefings, and reports
  • Fulltime
Read More
Arrow Right

Senior Pentester

This role will be focused on helping to prevent and protect Fever from security ...
Location
Location
Argentina
Salary
Salary:
Not provided
https://feverup.com/fe Logo
Fever
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's Degree in Computer Science, Information Security, or another similar relevant degree (or equivalent experience in a Cybersecurity role)
  • 4+ years of hands-on experience in the Offensive Security area, such as penetration testing
  • Strong knowledge about cloud security environments (AWS, microservices, SaaS applications, cryptography, etc.)
  • Detailed knowledge of global cyber threats, including tactics, techniques, and procedures used by cyber adversaries
  • Solid understanding of hardware, web, network protocols, APIs, security issues, common attacks (OWASP Top 10), etc.
  • Experience in developing security tooling and automation
  • Professional proficiency in English
  • Analytical skills, autonomy, and accountability
  • Good communication skills
Job Responsibility
Job Responsibility
  • Conducting high-quality application and infrastructure penetration tests independently, or as part of a team
  • Perform technical reviews and assessments of new systems and features
  • Document and communicate findings, including identified vulnerabilities, exploitation techniques, and recommended remediation steps in clear and concise reports
  • Coordinate and monitor the remediation of penetration testing findings
  • Effectively communicate findings at both the technical and executive levels
  • Configure and safely use hacking tools, tactics, and procedures against authorized targets
  • Contributing to team tooling, innovation, and improvements
What we offer
What we offer
  • Attractive compensation package consisting of base salary and the potential to earn a significant bonus for top performance
  • Stock options
  • Opportunity to have a real impact in a high-growth global category leader
  • 40% discount on all Fever events and experiences
  • Osde 410 as medical insurance
  • Home office friendly
  • Responsibility from day one, and professional and personal growth
  • Great work environment with a young, international team of talented people to work with
  • English Lessons
  • Gympass
  • Fulltime
Read More
Arrow Right

Senior Application Security (AppSec) Engineer

Location
Location
Japan , 東京23区
Salary
Salary:
10000000.00 - 16000000.00 JPY / Year
https://www.randstad.com Logo
Randstad
Expiration Date
April 30, 2027
Flip Icon
Requirements
Requirements
  • 3+ years of experience in the applications security (AppSec) domain, including hands-on experience in code analysis, threat modelling, and an understanding of pentesting
  • Familiarity with key application security principles, frameworks, and technologies (e.g., CWE, MITRE, OWASP, CIS Benchmarks)
  • Strong communication skills and confidence to work closely with leads, senior devs, and the CTO, while being mature enough to handle reasonable pushbacks
  • Experience building security controls into CI/CD pipelines (GitHub actions, CircleCI, GitLab CI/CD)
Job Responsibility
Job Responsibility
  • Flexible working style: Flex-time and hybrid working style
  • English & Japanese Useage: This position regularly coordinates with overseas stakeholders, and would be a great opportunity to utilize your English and Japanese abilities on a regular basis
  • Global Tech Environment: Support a diverse team in a industry-leading global company
What we offer
What we offer
  • 健康保険
  • 厚生年金保険
  • 雇用保険
  • 土曜日
  • 日曜日
  • 祝日
  • Fulltime
Read More
Arrow Right

Csirt Security Engineer

In this role, you will be responsible for ensuring the proper implementation of ...
Location
Location
Poland , Warsaw
Salary
Salary:
200.00 - 210.00 PLN / Hour
cyclad.pl Logo
Cyclad Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in cybersecurity, IT risk, or a similar security-related role
  • Strong understanding of security governance, risk management, and compliance principles
  • Experience working in Agile environments and collaborating with cross-functional teams
  • Knowledge of application security practices and tools (e.g., SAST, SCA, penetration testing)
  • Ability to assess risks, define mitigation strategies, and track remediation activities
  • Strong analytical and problem-solving skills
  • Excellent communication and stakeholder management skills
  • Ability to influence both technical and business decisions
  • Experience in preparing documentation for audits and internal controls
  • Proactive mindset with a strong sense of ownership
Job Responsibility
Job Responsibility
  • Ensure the deployment and enforcement of security and business continuity policies within the assigned tribe
  • Act as a security advisor, influencing business and technical decisions in alignment with security objectives
  • Ensure applications are properly onboarded into security tools (e.g., SAST, AVS, Pentests, SCA, ANON)
  • Promote security by design and security by default principles in software development and architecture
  • Support teams in troubleshooting and resolving security issues
  • lead cross-functional vulnerability remediation initiatives
  • Participate in Agile ceremonies (Sprint Planning, Backlog Reviews) with a strong focus on security requirements
  • Provide regular reporting on application security posture and vulnerabilities to IT Risk & Cyber Security stakeholders
  • Collaborate with central IT Risk & Cyber Security teams and other Tribe Security Officers to share best practices
  • Coordinate and follow up on business continuity tests and exercises
What we offer
What we offer
  • Private medical care with dental care (covering 70% of costs). Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Work with talented engineers on large-scale, technically challenging projects
Read More
Arrow Right

Information Security Operations Consultant

We are looking for an IS Operations Consultant to support the setup and operatio...
Location
Location
Salary
Salary:
Not provided
n-ix.com Logo
N-iX
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security operations (SOC, VM, IR, or similar)
  • Strong hands-on knowledge of security technologies (SIEM, EDR/XDR, vulnerability scanners)
  • Experience working in enterprise or multi-entity environments
  • Familiarity with cloud security concepts (AWS, Azure, IAM, logging, encryption)
  • Working knowledge of regulatory frameworks such as ISO 27001, DORA, or NIS2
  • Experience supporting external security vendors (MSSP coordination is a plus)
  • Strong communication skills and ability to work across distributed teams
  • Fluent in English and Spanish
  • German is a plus
  • Certifications (CISSP, CISM, or similar) are advantageous but not mandatory
Job Responsibility
Job Responsibility
  • Support oversight of external MSSP delivering 24x7 monitoring and incident response
  • Contribute to incident response coordination and post-incident reviews
  • Assist in strengthening cyber resilience through process improvement and operational enhancements
  • Support vulnerability management processes (validation, prioritization, remediation follow-up)
  • Coordinate penetration testing activities and tracking of remediation
  • Support the execution of security awareness campaigns and training monitoring
  • Contribute to alignment with regulatory and audit frameworks (ISO 27001, NIST, DORA, NIS2)
  • Support preparation of audit evidence and documentation
  • Assist in KPI reporting (vulnerabilities, risks, remediation status)
  • Contribute to maintaining consolidated security risk tracking
What we offer
What we offer
  • Flexible working format - remote, office-based or flexible
  • A competitive salary and good compensation package
  • Personalized career growth
  • Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)
  • Active tech communities with regular knowledge sharing
  • Education reimbursement
  • Memorable anniversary presents
  • Corporate events and team buildings
  • Other location-specific benefits
Read More
Arrow Right

Grc Consultant

In Cyclad we work with top international IT companies in order to boost their po...
Location
Location
Poland
Salary
Salary:
110.00 PLN / Hour
cyclad.pl Logo
Cyclad Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3–6 years of experience as a GRC Consultant or in a similar IT security role
  • Solid knowledge of IT risk management, cybersecurity frameworks, and compliance practices
  • Strong understanding of Agile methodologies
  • Experience in vulnerability management and remediation
  • Ability to manage stakeholders and communicate effectively across teams
  • Strong analytical thinking and problem-solving skills
  • Independent, proactive mindset with a consultant approach
Job Responsibility
Job Responsibility
  • Ensure deployment of security and continuity policies across the organization
  • Influence business decisions to align with security goals and objectives
  • Ensure applications are onboarded into relevant security tools (SAST, AVS, Pentests, SCA, ANON)
  • Promote security by design and security by default principles in software architecture and development
  • Support troubleshooting and debugging of security issues
  • lead cross-functional vulnerability remediation initiatives
  • Participate in agile ceremonies (Sprint Planning, Backlog Review) with a strong focus on security
  • Provide regular reporting on application security levels and vulnerabilities to IT Risk & Cyber Security stakeholders
  • Share best practices with central IT Risk & Cyber Security teams and other security officers
  • Coordinate and follow up on continuity tests and exercises
What we offer
What we offer
  • Private medical care with dental care (covering 70% of costs). Family package option possible.
  • Multisport card (also for an accompanying person).
  • Life insurance.
  • Work with talented engineers on large-scale, technically challenging projects.
  • Fulltime
Read More
Arrow Right

Cybersecurity Incident Response Coordinator

The Microsoft Incident Response Team - Detection and Response Team (DART) are se...
Location
Location
United States , Multiple Locations
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • Flexibility to work shifts, including assignments during non-standard business hours that may include evening, nighttime, weekends, and/or holidays.
  • 2+ years of hands-on experience with Active Directory, Entra ID, or other enterprise identity platforms and/OR 2+ years threat hunting, windows forensics OR 2+ years pentesting experience
  • 1+ years ability to script or automate tasks using PowerShell or similar tools or 1+ years KQL experience
  • Experience in high pressure reactive incident response environments where customers are experiencing a potentially business-ending event and your evidence-driven plans of action dictate their next steps.
  • Security Certifications in any of the following: OSCP, CISSP, SANS Certifications, SC Certifications from Microsoft.
Job Responsibility
Job Responsibility
  • Scope customer engagements as part of pre-engagement activities, including assessing client needs, defining desired outcomes, and estimating resources and timelines to ensure a successful delivery.
  • Oversee escalation pathways ensuring timely responses, directing issues to the appropriate delivery teams, monitoring progress to resolution, and raising matters to leadership, when necessary, especially in cases of urgent and sensitive nature.
  • Collaborate closely with delivery teams to manage and resolve customer escalations promptly and effectively, ensuring customer satisfaction and maintaining delivery timelines.
  • Oversee staffing and capacity planning for engagements and special event support, ensuring the appropriate allocation of resources to meet demand and client needs effectively.
  • Fulfill on-call duties on a scheduled rotation, inclusive of weekends and holidays.
  • Manage and document the implementation of incident management frameworks and procedures.
  • Collaborate with internal teams, including Legal, Security Research, Product Groups, and others, to address and resolve emerging issues.
  • Ensure operational processes maintain alignment with business objectives.
  • Track the status of operational activities, ensuring schedules and priorities are met.
  • Manage daily and weekly communication and status reporting proactively.
  • Fulltime
Read More
Arrow Right

Security Vulnerability Analyst

Stride is seeking a Security Vulnerability Analyst professional to drive the tec...
Location
Location
United States
Salary
Salary:
53944.50 - 100000.00 USD / Year
stridelearning.com Logo
Stride, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Three (3) years of experience in security operations or vulnerability management
  • Hands-on experience with Tenable, Qualys, or similar vulnerability platforms in cloud-native environments
  • Deep knowledge of cloud security principles, particularly around AWS and Azure services
  • Familiarity with regulatory frameworks (NIST CSF, SOX, FRAPRA)
  • Strong interpersonal and communication skills, with experience leading cross-functional remediation efforts
  • Ability to present risk findings to both technical and executive stakeholders
  • Ability to clear required background check
Job Responsibility
Job Responsibility
  • Lead/Assist vulnerability management operations across all cloud (AWS/Azure) and SaaS environments
  • Own the configuration, tuning, and operational use of vulnerability management tooling (Tenable One or equivalent)
  • Prioritize vulnerabilities using threat-based models (EPSS, CVSS, CISA KEVs), working closely with the SOC and threat intel teams
  • Serve as the primary liaison to Engineering, Infrastructure, and AppSec teams to coordinate remediation plans and validate fixes
  • Track and report remediation SLAs, exceptions, and risk acceptance items
  • Provide vulnerability metrics and trends for leadership, compliance, and audit purposes (SOX, FRAPRA)
  • Participate in incident response activities related to active exploitation or critical vulnerabilities
  • Develop SOPs, playbooks, and dashboards for vulnerability tracking and reporting
  • Document all vulnerability management policies, procedures, and standards and keep them update
  • Correlate vulnerability findings with threat intelligence feeds to assess real-world risk
What we offer
What we offer
  • health benefits
  • retirement contributions
  • paid time off
  • bonus (eligible employees)
  • Fulltime
Read More
Arrow Right