Job Description
">
We are seeking a highly skilled Pentester to join our team. As a Penetration Tester, your primary role will be to perform and lead penetration testing on our global IT infrastructure.
">
You will be part of a dynamic team that offers various security services to all Randstad countries and their IT landscape. These services include traditional penetration testing (black/white box) and complex Red Teaming exercises, simulating real-world adversary tactics and techniques.
">
The successful candidate will have strong understanding of OWASP, penetration testing methodologies, security standards and best practices.
">
Key Responsibilities:
">
">
1. Lead pentest-projects on network & infrastructure assessments
">
2. Develop and maintain Red Teaming scenarios and attack simulations based on current threat intelligence.
">
3. Collaborate with incident response teams (blue team) to improve detection and response capabilities based on Red Team findings.
">
4. Provide detailed reports on Red Team activities, including recommendations for improving the organization's security posture.
">
5. Analyze vulnerabilities and penetration test findings, propose remediation strategies and security requirements, help to mitigate security vulnerabilities at each layer.
">
6. On a day-to-day basis, contribute to the security community, ensure support and follow-up with the application development and infrastructure teams on resolving the vulnerabilities found.
">
7. Research on the latest security best practices and technologies, stay aware of any new threats and vulnerabilities and share the information and impact within the team and the Group.
">
8. Mentor and train less experienced team members.
">
">
Requirements:
">
">
* A strong Hacker Mindset
">
* At least 5 years of relevant working knowledge and experience in the IT field
">
* Experience with conducting adversary simulations and Red Teaming exercises
">
* Strong understanding of OWASP, penetration testing methodologies, security standards and best practices
">
* Network penetration testing and manipulation of network infrastructure
">
* Ambition to lead pentesting projects and services
">
* Ability to work with an international environment and to team up with other security and development teams
">
* Good communication skills in English
">
* Knowledge of MITRE ATT&CK framework and its application in Red Teaming engagements
">
* Experience on developing, extending, or modifying exploits, shell code or exploit tools
">
* Nice-to-have: Experience with Purple Teaming
">
* Nice-to-have: Certifications with a focus on Red Teaming and adversary simulation, such as GIAC GXPN, are highly desirable
">
* Nice-to-have: Master Degree (or equivalent) in Information Security / Cyber Security
">
* Nice-to-have: Certificates related to competence offensive security - (e.g. OSWE, OSCP, CEH, GIAC GPEN, GIAC GXPN, EC-Council LPT)
">
* Nice-to-have: Experience in developing applications
">
* Nice-to-have: Knowledge of cloud security best practices for AWS and GCP
">
* Nice-to-have: Ability to read and understand code (Java, Python, React/Angular)
">
">
Benefits:
">
In return for your talent and effort, we pay a good, competitive salary and offer attractive benefits. Job security and a great work-life balance mean we take care of each other. Imagine having an instant network where everyone wants you to succeed.
">
Randstad's performance standards are high, but as a team, we'll make sure you reach and even exceed them through a wide range of learning and development opportunities. Joining our team means getting to work with great people. Each of them is crucial to maintaining our open-minded, entrepreneurial, and vibrant company culture.
">
Sure you will work hard, but this hard work is also rewarded, and success is celebrated together. It is the culture you will find in any of our global Randstad offices.
">
We believe in an approach of working with developers and infrastructure teams instead of only supplying them with a report. By working closely with other IT teams we become 'The Partner' in identifying and resolving vulnerabilities to all Randstad countries.
"],