Are you the type of hacker who would rather bypass an EDR than just read about it? Are you energized by covert C2 channels, living-off-the-land techniques and purple-team after-actions? And do you have experience with Threat Intelligence-Based Ethical Red Teaming (TIBER) or Threat-Led Penetration Testing (TLPT) assessments? Then we have this great challenge for you.
In this role you will perform attacks against banks, critical infrastructure, government organizations and hospitals under realistic conditions. You will work in multidisciplinary teams with social engineers, exploitation specialists, behavioral psychologists and all-round hackers.
What will you perform
- Perform full-scope TIBER-EU/TLPT testing and other Red Teaming processes, from recon, through initial recon to privilege escalation and exfil.
- Design Red-Team playbooks based on current threat information (MITRE ATT&CK, CTI reports, sector-specific TTPs).
- Collaborate with Blue-Teams during detection & response workshops and Purple Teams.
- Build and maintain proprietary tooling (C2 frameworks, payload-obfuscation, implant modules) - automation where possible, manual work where necessary.
- Write and present no-nonsense reports with step-by-step, reproducible elaboration of scenarios, technical root-cause analyses and strategic recommendations.
- (Optional) Contribute to community & R&D: blogging, conference talks, CTF-challenge design, public exploit-release or CVE-research.
Your profile
- At least 3 years of hands-on Red Team experience.
- Demonstrated participation in TIBER-NL/EU, ART or TLPT tracks.
- Deep knowledge of Windows & *NIX internals, AD abuse, cloud (Azure/AWS) attack paths, OT networking or ICS protocols is a plus.
- Certifications such as OSCP, OSEP, CRTO, CRTP, GXPN - or similar level.
- Excellent Dutch and English communication skills; you can switch from SOC analyst to C-level.
- No objection to on-site work, varying working hours or additional screenings for sensitive projects.
What can you expect with us?
Together with a great team of offensive professionals, you will have the opportunity to develop and expand your knowledge and expertise in cybersecurity.
We have offices in the two main technology centers of the Netherlands: Eindhoven and Amsterdam. This role can be filled from either location.
- Growth opportunities: We are a fast growing company and you will have the opportunity to grow in this. Whether it involves responsibilities, increasing your visibility within and outside the organization, or attending training and education, at Bureau Veritas Cybersecurity your career development is key.
- Cool projects: You will work with a wide range of renowned clients and customers. This gives you the opportunity to demonstrate your expertise and apply your skills in different environments, allowing you to continue to grow and learn. We do not only offer opportunities for projects within the Netherlands. There will also be opportunities internationally.
- Culture: At Bureau Veritas Cybersecurity, we value celebrating successes and creating an enjoyable work environment. We regularly organize fun activities ranging from annual ski trips to various wine and beer tastings, sailing trips, barbecues and more. Here, team building is key.
Are you interested in this vacancy?
Do you have questions or would you like to apply? You can do so via jobs.cybersecurity@bureauveritas.com
Pre-employment screenings and assessments can be part of the recruitment procedure. Annual social media screening and a VOG will take place.
Linked-in
Google