We are looking for a **CyberSOC Offensive Security Specialist** to be part of our **IT Security & Compliance** team. **Position Snapshot** + Location: Barcelona + Type of Contract: Permanent + Stream: IT Security & Compliance + Type of work: Hybrid + Work Language: Fluent Business English **The role** Nestlé is seeking an experienced **CyberSOC Offensive Security Specialist** to join our team and help us improve our cyber resilience. In this role, you will be responsible for performing internal penetration tests, red teaming exercises, and vulnerability assessments across our different environments. You will also work with external security providers, analyze their findings, evaluate their impact on our environment, and report the findings and recommendations to high-level personnel. **What you’ll do** + Manage the full life-cycle of offensive security testing engagements and complex offensive security projects, from scoping, executing, reviewing, assessing to reporting and remediation. + Conduct, document and communicate findings and recommendations related to red teaming exercises, penetration testing or bug bounty engagements to technical and non-technical stakeholders. + Develop high-level documentation for non-technical business owners to communicate security risks and recommendations. + Lead the design and implementation of automation workflows for offensive security projects to streamline testing and improve efficiency. + Contribute to the design and development of internal lab environments and toolsets needed for offensive security testing. + Collaborate with leadership, partner teams, and service owners to drive effective teamwork, communication, and commitment across multiple disparate groups with competing priorities. + Stay current on attack techniques, weaknesses, and vulnerabilities and share knowledge with the team to improve capabilities. + Provide Offensive Security training to improve skills and knowledge of other team members. + Liaise with the Security Product Manager to identify best practices and continuously improve technical standards, processes, procedures, and guidelines to enable proper risk mitigation for each business capability. **We offer you** We offer more than just a job. We put people first and inspire you to become the best version of yourself: + **Great benefits** including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc. + **Personal and professional growth** through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset. + **Hybrid working environment with flexible working scheme** . Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill! + **Recreation activities** such as yoga, Zumba, etc. and a wide range of volunteering activities. **Minimum qualifications:** + Bachelor's or Master’s Degree in Computer Science, Information Security, or another similar relevant degree. + 4+ years of experience in penetration testing, cyber security, and threat assessment. + Good understanding of automated and manual techniques to test security within systems and network protocols, web application technologies, and knowledge of the OWASP testing frameworks. + Familiarity with Cloud and on-premise infrastructure, Red Teaming methodologies, and AD attacks.. + Experience with offensive tools such as Qualys, Metasploit, Burp Suite, Bloodhound, SDR, Wireless, Intercepting Proxies, or others. **Bonus Points if you:** + Experience investigating malware behavior and concepts of IoT security, and how SDR works. + Relevant technical and industry certifications, e.g. OSCP or GIAC certifications. **About the IT Hub** At Nestlé IT, we are a diverse, global team of IT professionals in the biggest health, nutrition and wellness company of the world. We strive to create an environment where people are valued for who they are. We innovate every day through future ready technologies to create opportunities for Nestlé to delight consumers, customers and employees alike. We collaborate with partners around the world to deliver tangible value at global scale. We continuously work to develop our people to be future ready. **About Nestlé** We are Nestlé, the largest food and beverage company in the world, with a presence in more than 185 countries. With net sales of CHF 94.4 billion in 2022, the company has over 291,000 employees and 418 factories in 85 countries. Our values are based on respect: respect for ourselves, respect for others, respect for diversity, and respect for our future. Nestlé is dedicated to offering high-quality food and beverage products and services that contribute to the nutrition, health, and well-being of people, pets, and the planet. Additionally, it is committed to being a leading company in sustainability and achieving net zero greenhouse gas emissions by 2050. Want to learn more? Visit us at: www.nestle.com _We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability._ Step outside your comfort zone; share your ideas, way of thinking and working to make a difference to the world, every single day. You own a piece of the action – make it count. **Join Nestlé’s IT Hub #beaforceforgood**