Work with Certego

Who is your team

You will be part of the Certego Incident Response Team and will assist your colleagues during the activation of new Customers, and during analysis and response to cyber security incidents on Customer networks. In particular, you will contribute:

• to the delivery and activation of new Customers, or new services on existing Customers;
• to the analysis and response to IT incidents on Customer networks;
• to study the threat landscape, in order to optimize the detection capabilities of the Certego PanOptikon platform;
• to the study of new detection techniques;
• to the creation of tools aimed at making the Incident Response Team operations more efficient;
• to the analysis and reporting of vulnerabilities exposed by Customer networks;
• to the development of the relationship with customers, through the generation of security reports and the presentation of the same.

What we expect from you

• Bachelor's Degree in Engineering or Computer Science; alternatively, a high school diploma followed by specific experience or training in cyber security
• Participation in courses specific to the role of Cyber Security Analyst or Penetration Tester will constitute a plus
• Good knowledge and experience from 2 to 5 years in the following areas:
  • Linux operating system
  • basic networking (network protocols, ISO/OSI model)
  • basic scripting (e.g. Python, bash)
  • network and host IPS/IDS
  • vulnerabilities and attack techniques
• Malware analysis skills will be a plus
• Good knowledge of spoken and written Italian is required for this position
• Knowledge of spoken and written English (level B1 written, A2 spoken)
• Relational and communicative skills
• Ability to manage and organize your work independently
• Predisposition to team work
• Attitude to learning and constant desire to develop new skills

What we offer

Training:

• Technical training: on reference technologies through certifications and participation in courses and events
• Training on the job: coached by more experienced colleagues
• Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

• Young
• Innovative
• Close-knit
• Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions. Working hours are in the Central European Time Zone but we are open to different solutions.

Who is your team

You will be part of the Certego Incident Response Team and will assist your colleagues during the activation of new Customers, and during analysis and response to cyber security incidents on Customer networks. In particular, you will contribute:

• to the delivery and activation of new Customers, or new services on existing Customers;
• to the analysis and response to IT incidents on Customer networks;
• to study the threat landscape, in order to optimize the detection capabilities of the Certego PanOptikon platform;
• to the study of new detection techniques;
• to the creation of tools aimed at making the Incident Response Team operations more efficient;
• to the analysis and reporting of vulnerabilities exposed by Customer networks;
• to the development of the relationship with customers, through the generation of security reports and the presentation of the same.

What we expect from you

• Bachelor's Degree in Engineering or Computer Science; alternatively, a high school diploma followed by specific experience or training in cyber security
• Participation in courses specific to the role of Cyber Security Analyst or Penetration Tester will constitute a plus
• Good knowledge and experience from 2 to 5 years in the following areas:
  • Linux operating system
  • basic networking (network protocols, ISO/OSI model)
  • basic scripting (e.g. Python, bash)
  • network and host IPS/IDS
  • vulnerabilities and attack techniques
• Malware analysis skills will be a plus
• Good knowledge of spoken and written Italian will be a plus for this position
• Knowledge of spoken and written English (level B1 written, A2 spoken)
• Relational and communicative skills
• Ability to manage and organize your work independently
• Predisposition to team work
• Attitude to learning and constant desire to develop new skills

What we offer

Training:

• Technical training: on reference technologies through certifications and participation in courses and events
• Training on the job: coached by more experienced colleagues
• Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

• Young
• Innovative
• Close-knit
• Collaborative

Placement and remuneration will be commensurate with your skills and potential.

This is a fully remote, worldwide position; working hours are in the UTC-7 zone (North America/Pacific).

Qual è il tuo team

Il Compliance Specialist si occupa di:

• Curare e mantenere il Sistema di Gestione Aziendale conforme agli standard ISO 9001, ISO 27001, CSA STAR ecc.
• Garantire l'aderenza dell'Azienda agli standard richiesti dai nostri Partner tecnologici e commerciali.
• Collaborare con le altre figure responsabili durante gli Audit e le verifiche di terze parti (enti di certificazione, Clienti, ecc.).

Il Compliance Specialist fa parte dello Staff e risponde direttamente all'Amministratore Delegato.

Cosa ci aspettiamo da te

Stiamo cercando una figura con le seguenti caratteristiche:

• Appartenenza alle Categorie Protette (Legge n. 68 del 12 marzo 1999 “Norme per il diritto al lavoro dei disabili”)
• Laurea in Ingegneria Gestionale o Economia; in alternativa, almeno due anni di esperienza specifica nell'ambito dei Sistemi di Gestione e familiarità con gli standard ISO 9001 e 27001
• Buona conoscenza della lingua inglese scritta (almeno B1)
• Capacità di gestire e organizzare autonomamente il proprio lavoro
• Predisposizione al lavoro in team
• Attitudine all’apprendimento e costante desiderio di sviluppare nuove competenze

Verranno inoltre valutate in modo positivo le seguenti competenze:

• Familiarità con i Sistemi di Gestione della Qualità (standard ISO 9001), eventualmente con certificazioni da Auditor o Lead Auditor
• Familiarità con i Sistemi di Gestione della Sicurezza delle Informazioni (standard ISO 27001), eventualmente con certificazioni da Auditor o Lead Auditor

Cosa offriamo

Formazione:

• Tecnica: su tecnologie di riferimento attraverso percorsi di certificazione e la partecipazione a corsi ed eventi
• On the job: in affiancamento ai colleghi più esperti
• Soft skills: per noi la professionalità non si esprime solo tecnicamente, per cui verrai inserito in un percorso di formazione su competenze trasversali (es. time management, team working, ….)

Benefit:

• Strumenti di lavoro: pc, telefono
• Rimborsi mensa elettronici da 8,00 €
• Welfare aziendale
• Assicurazione sanitaria integrativa
• Smart working

Contesto aziendale:

• Giovane
• Innovativo
• Affiatato
• Collaborativo

L’inquadramento e la retribuzione saranno commisurati alle competenze e al potenziale della persona.

La sede di lavoro è Via F. Lamborghini 81, Modena, MO (Italia) e l'orario d'ufficio è quello del fuso dell'Europa Centrale.

Who is your team

You will be part of our Attack Detection Team, who is in charge of the development, deployment and management of all components of the PanOptikon SOAR Platform used to detect attacks and orchestrate and automate response actions.

Your activities will consist of:

• Collaborating with the Lead Engineer and other components of the Attack Detection Team for the development of all software components in our Sensors: research and development of new methodologies, improvement of the existing ones.
• Developing and maintaining all connectors and with third party technologies, both in the cloud and on-premises (e.g. integration modules with Amazon AWS, Microsoft 365, etc).
• Taking part in the design and development of new functionalities and new modules, in collaboration with our Threat Intelligence and Threat Research teams.
• Collaborating to the design and management of the software release and continuous development processes: you will keep stable and secure the system rolling out new software releases on our 150+ appliances.

What we expect from you

• At least two years of experience one of the following fields:
  • Security Operations Center or Incident Response Team;
  • Malware Analysis, Reverse Engineering;
  • Software Development, especially if related to Cyber Security.
• Master's degree in Computer Engineering or Information Sciences; alternatively, specific experience in the fields above, to be evaluated during the interviews.
• Knowledge of spoken and written English (level B1 written, A2 spoken)
• Basic knowledge of spoken and written Italian (not mandatory)
• Relational and communicative skills
• Ability to manage and organize your work independently
• Predisposition to team work
• Attitude to learning and constant desire to develop new skills

The following technical skills will constitute a plus:

• Good knowledge of the following technologies:
  • Python and Django;
  • Docker;
  • Elasticsearch;
  • Salt Stack or any other configuration management solution;
  • Linux.
• Knowledge of Network- and Host-based IDS and IPS, vulnerabilities and attack techniques.
• Knowledge of Cloud SaaS and IaaS environments and their peculiarities, also in terms of security.

What we offer

Training:

• Technical training: on reference technologies through certifications and participation in courses and events
• Training on the job: coached by more experienced colleagues
• Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

• Young
• Innovative
• Close-knit
• Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions. Working hours are in the Central European Time Zone but we are open to different solutions.

Qual è il tuo team

Sarai inserito nell'area Engineering and R&D di Certego, che si occupa dello sviluppo della piattaforma Certego PanOptikon che utilizziamo per il rilevamento degli attacchi informatici all'interno delle reti dei nostri clienti, e per il supporto ai clienti stessi durante la risoluzione degli incidenti di sicurezza. L'area è composta da tre Team, ciascuno dei quali si occupa di una specifica componente della piattaforma:

• Threat Detection Team: si occupa dello sviluppo della componente sensoristica come il sensore per l'analisi del traffico di rete; i sensori Endpoint per l'analisi dei processi in esecuzione; le integrazioni con sistemi di terze parti, ecc.
• Security Platform Team: sviluppa e mantiene il portale PanOptikon, che è il fulcro della piattaforma e viene utilizzato sia dal nostro Incident Response Team per la raccolta e l'analisi degli allarmi di sicurezza generati dai sensori, sia dai nostri Partner e Clienti per dialogare con noi durante le fasi di risposta ad un incidente informatico.
• Threat Intel Team: ha il compito di sviluppare e mantenere tutti i sistemi di raccolta delle informazioni di Threat Intelligence, ovvero quelle informazioni (per esempio indirizzi IP; domini; hash di file; tattiche, tecniche e procedure di attacco; nuove vulnerabilità; ecc) che sono utilizzate in automatico dalla componente di Threat Detection per il rilevamento delle anomalie, e manualmente dall'Incident Response Team per validare e confermare gli allarmi prodotti dalla piattaforma.

In fase di selezione, verrà individuato il Team più adatto nel quale inserirti. Le tue attività consisteranno nel:

• Collaborare con gli altri componenti del Team per lo sviluppo del software.
• Disegnare e mantenere gli elementi architetturali degli applicativi.
• Partecipare attivamente alle fasi di progettazione delle nuove funzionalità e delle nuove integrazioni sia con applicativi Certego che di terze parti.
• Collaborare alle gestione e al design del processo di rilascio e sviluppo.

Cosa ci aspettiamo da te

Stiamo cercando una figura con le seguenti caratteristiche:

• Appartenenza alle Categorie Protette (Legge n. 68 del 12 marzo 1999 “Norme per il diritto al lavoro dei disabili”)
• Diploma o laurea in ambito ICT, in alternativa, almeno due anni di esperienza nello sviluppo di software
• Capacità di gestire e organizzare autonomamente il proprio lavoro
• Predisposizione al lavoro in team
• Attitudine all’apprendimento e costante desiderio di sviluppare nuove competenze

Verranno inoltre valutate in modo positivo le seguenti competenze:

• Buone conoscenze dei seguenti mezzi tecnologici:
  • Python (Django, Celery)
  • Git
  • Docker
  • PostgreSQL
  • ElasticSearch
  • Redis
  • Linux
• Esperienza nello sviluppo di applicazioni web
• Conoscenza di architetture REST
• Familiarità con la Cybersecurity
• Familiarità con i concetti di Continuous Integration (CI) e Quality Assurance (QA)

Cosa offriamo

Formazione:

• Tecnica: su tecnologie di riferimento attraverso percorsi di certificazione e la partecipazione a corsi ed eventi
• On the job: in affiancamento ai colleghi più esperti
• Soft skills: per noi la professionalità non si esprime solo tecnicamente, per cui verrai inserito in un percorso di formazione su competenze trasversali (es. time management, team working, ….)

Benefit:

• Strumenti di lavoro: pc, telefono
• Rimborsi mensa elettronici da 8,00 €
• Welfare aziendale
• Assicurazione sanitaria integrativa
• Smart working

Contesto aziendale:

• Giovane
• Innovativo
• Affiatato
• Collaborativo

L’inquadramento e la retribuzione saranno commisurati alle competenze e al potenziale della persona.

La sede di lavoro è Via F. Lamborghini 81, Modena, MO (Italia) e l'orario d'ufficio è quello del fuso dell'Europa Centrale.

Who is your team

You will be part of the Threat Intelligence R&D Team, who strives every day to keep Certego ahead from the threat actors with the generation of actionable information for our analysts and our customers.

Your activities will consist of:

• Following the threat landscape by monitoring threat actors with our technologies and tools;
• Writing internal reports about malware campaigns to aid the Incident Response Team in detecting and responding to the threats;
• Working closely to the Threat Intelligence Developers team to improve the components of the Threat Intelligence Platform and all other related projects (honeypots, sandboxes, analyzers, etc.);
• Researching smart and efficient ways to automate the generation of valuable and actionable threat intelligence information;
• Participating in Incident Response Activities.

Depending on your technical skill set and seniority, the following activities will be added:

• Performing advanced malware analysis and reverse engineering;
• Writing new detection logic, and maintain already existing one, for the malware sandboxes and the reputation services;
• Writing public articles in the blog;
• Participating in public presentations.

What we expect from you

• At least 1 year of experience in Malware Analysis or Threat Intelligence.
  • We will also take into consideration profiles with no experience in those subjects but with a strong and proven motivation.
• Master's degree in Computer Engineering or Information Sciences; alternatively, specific experience in the fields above, to be evaluated during the interviews.
• Knowledge of spoken and written English (level B2 written, B2 spoken).
• Basic knowledge of spoken and written Italian (not mandatory).
• Relational and communicative skills.
• Ability to manage and organize your work independently.
• Predisposition to team work.
• Attitude to learning and constant desire to develop new skills.

The following technical skills will constitute a plus:

• One or more of the following GIAC certifications: GREM, GCTI, GDAT
• Experience with disassemblers or debugger tools
• Experience in incident response or digital forensics
• Experience with:
  • Python & Django
  • Elasticsearch
  • Docker
  • Linux

What we offer

Training:

• Technical training: on reference technologies through certifications and participation in courses and events
• Training on the job: coached by more experienced colleagues
• Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

• Young
• Innovative
• Close-knit
• Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions if you meet the requirements in terms of experience and skills. Working hours are in the Central European Time Zone but we are open to different solutions.

Who is your team

You will be part of the Threat Intelligence R&D Team, who strives every day to keep Certego ahead from the threat actors with the generation of actionable information for our analysts and our customers.

Your activities will consist of:

• participating in the development, deployment and maintenance of our Threat Intelligence Platform and all other related existing projects (honeypots, sandboxes, analyzers, etc.)
• participating in the design and creation of new software solutions, both open source and proprietary
• working closely with our Threat Intelligence Analysts to continuously improve our TI solutions based on their feedback
• working with a variety of technologies from the full application stack

What we expect from you

• At least 1 year of experience in Software Development
• We will also take into consideration profiles with no experience in those subjects but with a strong and proven motivation
• Master's degree in Computer Engineering or Information Sciences; alternatively, specific experience in the fields above, to be evaluated during the interviews.
• Knowledge of spoken and written English (level B2 written, B2 spoken)
• Basic knowledge of spoken and written Italian (not mandatory)
• Ability to manage and organize your work independently
• Relational and communicative skills
• Predisposition to team work
• Attitude to learning and constant desire to develop new skills

The following technical skills will constitute a plus:

• Experience in open source software development
• Experience with:
  • Python and Django
  • Javascript and ReactJS
  • NoSQL databases (MongoDB, ElasticSearch, …)
  • Docker
  • Linux
• Experience in cyber security related subjects

What we offer

Training:

• Technical training: on reference technologies through certifications and participation in courses and events
• Training on the job: coached by more experienced colleagues
• Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

• Young
• Innovative
• Close-knit
• Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions. Working hours are in the Central European Time Zone but we are open to different solutions.

Who is your team

You will be part of the Threat Research Team, who works every day to analyze new malicious software and new attack techniques, in order to provide the rest of the teams with actionable information that can be used for the detection, analysis, containment, removal and prevention of cyber attacks.

Your activities will consist of:

• Continuously testing and evaluating open and closed source security solutions in real case scenarios;
• Performing Purple Team activities: use our Malware Analysis lab to study the behavior of new malware strains and replicate new attack techniques, in order to observer how to detect, analyze, block and remove them;
• Expanding and maintaining our virtual test lab: OS, software and specific tools needed for our tests;
• Writing new detection rules and maintaining already existing ones for all the technologies we manage (EDRs, IDS, Log correlation and experimental tools);
• Developing custom tools and modules related to Threat Hunting, Incident Response and Mitigation;
• Writing and maintaining Playbooks that cover advanced attack scenarios;
• Performing advanced Incident Response in complex scenarios;
• Writing internal reports and public articles on our blog, regarding new interesting attack techniques, new malware strains, etc;
• Participating in public presentations and conferences.

What we expect from you

• At least 3 years of experience in one or more of the following areas.
  • Purple Team
  • Red Team
  • Signatures Development
  • Malware Analysis
  • Reverse Engineering
  • Operating System internals (especially from a security prospective)
  • Low level security programming
  • Low level network programming
• We will also take into consideration profiles with no experience in those subjects but with a strong and proven motivation.
• Knowledge of spoken and written English (level B2 written, B2 spoken).
• Basic knowledge of spoken and written Italian (not mandatory).
• Relational and communicative skills.
• Ability to manage and organize your work independently.
• Predisposition to team work.
• Attitude to learning and constant desire to develop new skills.
• Strong motivation.

The following technical skills will constitute a plus:

• Master's degree in Computer Engineering or Information Sciences
• RedTeam certifications: GPEN, GWAPT, GXPN, GCPN
• Purple Team certifications: GDAT, GFACT
• (Almost) all SANS and Offensive Security certifications related to the skills listed above
• Experience with disassemblers or debugger tools
• Experience in incident response, threat hunting and digital forensics
• Experience in OS internals/development
• Experience in attack techniques
• Experience in detection/response/prevention/mitigation logic and tools
• Experience with Python, Powershell, Bash, Batch
• Experience with C, C++, Rust, ASM and shellcode development
• Experience with advanced layer 7 network protocols ( ex. DCERPC/SMB/WinRM/Kerberos/LDAP/Netbios/LLMNR ...)
• ELK stack
• Linux and Windows

What we offer

Training:

• Technical training: on reference technologies through certifications and participation in courses and events
• Training on the job: coached by more experienced colleagues
• Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

• Young
• Innovative
• Close-knit
• Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions. Working hours are in the Central European Time Zone but we are open to different solutions.

In Certego, we strongly believe in the training of young talents! We are looking for people who can bring diverse and fresh perspectives to our growing team.

We are always available to host curricular and extra-curricular internships and applied research thesis projects in the field of Cyber Security and software development, including Open-Source software.

All our internships are aimed at hiring the students at the end of their experience: for this reason, the process is analogous to our normal selection. Internship programs are designed to give you the opportunity to create, develop, and demonstrate your skills while getting hands-on experience.

Working at Certego is a healthy mix of challenging and rewarding, a balance of learning and exploration, combined with support and mentorship. If you are interested in an internship experience at Certego, you can use the form below to send us your Curriculum Vitae and a brief cover letter.