Job description
Over Northwave
From our head office in Utrecht, we have been providing 24*7 cybersecurity services for more than 17 years. In doing so, we not only look at the technology, but also at the human behaviour within the organisation and thus provide integrated security services. That's why organisations that take their cyber security seriously like to work with us. We take the complexity of security management off their hands, leaving them in control.
We are a fast-growing organization of 250+ employees, which is the market leader in the field of information security. Our 100% self-financed European company is on a mission to make high-quality, integrated information security accessible to organizations that depend on their digital business. Northwave stands for diversity, inclusivity, quality and long-term relationships.
Our Red Team
Our slogan "You scope it, we pwn it" is based on what red teamers live for: hacking.
What sets our team apart from other teams is not only that we perform pen tests, OT security assessments and red team exercises. Within Northwave, we also advise our colleagues from other departments in the field of resilience and business consultancy and, if necessary, we support the Computer Emergency Response Team (CERT) with ransomware incidents.
Thanks to our extensive knowledge pool, consisting of Northwave's Blue Team, the Threat Intelligence team, the CERT, the Reverse Engineering team and many other disciplines, we are able to support customers with today's challenges. No two tests are the same, and for each test we think along with you about what is really necessary, even outside of our red team portfolio. What we are particularly proud of is our role as a TIBER and ART provider. In addition, we are not only active in the Benelux but also in the DACH region and Nordics, as long as we can make our customers safer. And this is only part of our work within the Red Team.
The role
Together with the team of experienced Red Team Operators (with 5+ years of experience) you will work on smart scenarios and challenge the customer to the limit.
During a Purple Teaming workshop, you will then ensure that the Blue Team is able to effectively recognize and prevent future attacks. Afterwards, you will give one or more presentations to present the results to the entire organization, from technician to CEO. But of course we assume that this does not sound crazy to you as an experienced red teamer.
It is nice to know that we have so much and diverse expertise within Northwave that we regularly share Zero-Days, "Tales from the Trenches", and other tactics and experiences on various stages. In short, you can find us everywhere, seen or unseen.
How do we achieve all this for our customers? It always starts with an intake. We discuss what keeps the client awake at night (the crown jewels), build targeted and realistic attack scenarios and record agreements in a "Rules of Engagement" document. After these preparations, we immediately get to work in practice. Everything is possible: searching for sensitive information in public sources, building targeted malware and spear phishing scenarios, looking for (un)known vulnerabilities to gain access, etc.
What can you expect from us?
- Lease car or a good travel allowance
- Working from home is not a problem for us
- Macbook and iPhone
- 25 vacation days
- Good pension plan
- 250+ international passionate colleagues to work with and learn from
- Training budget for e.g. OSCP, OSEP, CRTO or equivalent training
- Fun Northwave events and parties, access to exciting conferences and space for your own input
- An appropriate salary for the knowledge and skills you bring to our company
Job requirements
- Have several years of experience in pentesting and/or red teaming
- Design realistic attack scenarios that truly help customers?
- Stay up-to-date with the latest tactics, techniques, and procedures (TTPs) used by attackers
- Are you excited about exploring Active Directory environments, but also know your way around Entra ID
- Possess excellent OPSEC skills and know when to put pressure on Blue Teams at the right time?
- Present complex technical findings in a clear and engaging way to all levels within an organization?
- Would you like to share knowledge, both within our Red Team and with the wider security community?
- It is an advantage if you have a technical HBO or WO background and/or are in possession of certifications such as OSCP, OSEP, CRTO (or are willing to obtain them).
We know there's a lot you should know and be able to do, but what we'd really like to do is get in touch with you to see a match! So if you have any doubts or questions, please let us know!
Interested?
What is important to you in your next step? We are happy to start a conversation. Apply directly or contact our recruiter Bastiaan first.
bastiaan.rolloos@northwave-cybersecurity.com
+31 6 45 880 490
- Utrecht, Utrecht, Netherlands
or
- Utrecht, Utrecht, Netherlands
All done!
Your application has been successfully submitted!