Location The Hague – at least 32 hours per week
Are you always looking for unknown vulnerabilities and the most complex exploits? Are you expert at developing exploits yourself and executing pentests ? Do you like to share your knowledge and skills on security, rescue teaming, exploitation and other security topics with colleagues and do you see it as a challenge to include colleagues in your story? Do you like brainstorming about the different services NFIR can offer its customers? In this position you will be technically challenged to get the best out of yourself and the pen testing team and to perform the best pen tests together with your new colleagues.
Pen tests
Pen tests is very important to businesses as companies and organizations increasingly own large amounts of data. With the advent of the GDPR, the security of personal data has become more important than ever and it has become a duty for companies to secure this data. We’re happy to put that security to the test. Together with other ethical hackers/pentesters, you will work with different types of companies and organizations to investigate which vulnerabilities are present in a company.
Nothing is too crazy here: From walk-in actions, performing red-teaming actions, sending (spear) phishing emails, to testing printers and applications and hacking into SCADA systems, NFIR has it all!
As a pen tester, you are also part of our Incident Reponse team.
Function requirements
- Giving up is not an option for you, no challenge is too big for you;
- Creativity is in your genes, if you don’t enter to the left, maybe to the right;
- Experience with Linux, Windows, OS X and mobile operating systems such as iOS and Android;
- You can deal very well with various tools that make your work easier, such as Kali Linux, Nessus, Metasploit;
- A pro in performing OSINT research;
- Flexible and able to be open to new attack approaches, learn new tools and be able to convert feedback from colleagues into new energy to make pen testing even better;
- Draw up reports and advice, in order to inform the client as well as possible about the vulnerabilities;
- You are very communicative: you can explain to a non-technical customer exactly what has been found and what the impact is;
- You are flexible, you understand that incidents also take place outside working hours;
- Certifications/Training: relevant HBO/WO training;
- You have OSCP certification (or similar);
- At least 5 years of relevant work experience;
- At least 32 hours a week;
- In view of the work, a chief constable’s approval is necessary;
Work in a professional and vibrant team
Terms of employment
NFIR applies a salary in line with the market, based on education and experience. The fringe benefits are also very well regulated (lease car, telephone, laptop, pension and various training possibilities).
Got excited about this vacancy? Or do you have questions and/or remarks? Please contact Arwi van der Sluijs via vacatures@nfir.nl.
Acquisition in response to this vacancy is not appreciated.