IT Security Specialist (Offensive Security / TIBER-EU) 100% - (Contract through our external payroll partner with immediate start for 12 months with possible extension)

Join Julius Baer as an IT Security Specialist, where we value your unique skills. Enjoy a dynamic work environment with opportunities for growth.

Tasks

• Coordinate penetration tests and security assessments effectively.

• Evaluate vendor proposals and provide informed recommendations.

• Manage vulnerability lifecycle and track remediation progress., As an IT Security Specialist within IT Security Solutions, you are responsible for the operational coordination and quality assurance of penetration tests, security assessments, deception controls, and TIBER-EU-aligned red team activities. You ensure that engagements are properly scoped, offers and reports are professionally reviewed, findings are consistently tracked, and remediation measures are verified through retesting - in a structured, traceable, and effective manner. In addition, you leverage deception technologies to detect attacker behaviour at an early stage, deliberately deploy deception mechanisms, and contribute additional security-relevant insights to assessments and remediation activities., * Lead scoping discussions for internal and external penetration tests, defining objectives, scope, ROE, and technical prerequisites

• Evaluate vendor proposals for security assessments, assessing scope, methodology, quality, cost, and timelines

• Identify gaps and risks in vendor offerings; collaborate with stakeholders to provide informed selection recommendations

• Conduct thorough reviews of pen test reports to ensure technical accuracy, clear evidence, proper severity scoring, and actionable remediation guidance

• Ensure all findings are reproducible, well-documented, and effectively communicated; coordinate clarification with vendors when needed

• Manage vulnerability lifecycle using Jira/ServiceNow, including tracking, prioritisation, follow-ups, and escalation of overdue or blocked items

• Monitor remediation progress with risk-based focus, providing regular updates on key metrics such as critical findings, MTTR, and recurrence trends

• Offer technical guidance to coordinators and engineers, supporting interpretation of results and planning corrective actions

• Organise and perform internal retesting to validate fix effectiveness and contribute to root cause analysis to prevent future vulnerabilities

• Support TIBER-EU engagements where applicable, ensuring compliance with governance, traceability, and post-assessment action tracking

• Continuously enhance assessment standards, checklists, and processes across scoping, reporting, and retesting activities

• Bachelor's in Computer Science or related field; 3-6 years in IT security.
• Strong knowledge of penetration testing methodologies and tools.
• Excellent Python skills for automation and tool development., * Bachelor's degree in Computer Science, Information Security, or equivalent practical experience
• 3-6 years of experience in IT security delivery, AppSec, SecOps, or security assessment coordination
• Solid understanding of web, application and API security (OWASP Top 10), vulnerability classes, and risk assessment
• Strong knowledge of common penetration testing methodologies and deliverables (scope, ROE, test plan, report, retest)
• Experience with Jira and/or ServiceNow for issue and vulnerability management
• Excellent Python skills, particularly in automating workflows and developing security-relevant tools
• Experience with HashiCorp Vault, including secrets management, PKI operations, policy configuration, and automation
• Experience with IBM PAM (Privileged Access Management) or comparable enterprise-grade PAM solutions
• Excellent organisational and prioritisation skills across multiple parallel engagements
• High quality standards for documentation and audit trails in regulated environments
• Clear and confident communication with both technical and non-technical stakeholders
• Hands-on mindset with the ability to switch between technical detail and management-level perspectives
• Professional proficiency in English (written and spoken); German is an advantage

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let's shape the future of wealth management together.