Skip to content

Security Tester OT

  • Leipzig, Sachsen, Germany

Job description

Our Red Team

Our slogan "You scope it, we pwn it" is based on what red teamers live for: hacking.

What sets our team apart from other teams is not only that we perform pen tests, OT security assessments and red team exercises. Within Northwave, we also advise our colleagues from other departments in the field of resilience and business consultancy and, if necessary, we support the Computer Emergency Response Team (CERT) with ransomware incidents.

Thanks to our extensive knowledge pool, consisting of Northwave's Blue Team, the Threat Intelligence team, the CERT, the Reverse Engineering team and many other disciplines, we are able to support customers with today's challenges. No two tests are the same, and for each test we think along with you about what is really necessary, even outside of our red team portfolio. What we are particularly proud of is our role as a TIBER and ART provider. In addition, we are not only active in the Benelux but also in the DACH region and Nordics, as long as we can make our customers safer. And this is only part of our work within the Red Team.

For this role within our Red Team, the focus is partly on testing industrial environments, but also testing IT environments is part of the job description. Industrial processes are often critical and essential for business continuity. Linking these industrial processes to the office network, and even to the internet, is no longer an exception. Sometimes this connection is even crucial for the continuity of, for example, a production environment. However, this connectivity also increases the risk of cyberattacks on industrial processes. Such an attack can not only jeopardize continuity, but also pose risks to things like intellectual property, by letting them fall into the wrong hands. In addition, cyber attacks can have consequences for the safety of people and the environment.

Your mission

Within Northwave, we have seen an increase in requests for OT security for a number of years now, including for OT security assessments within the red team. We are therefore looking for an experienced security tester, with OT interest or experience.

As an (OT) security tester, one of your tasks is to meticulously test the industrial processes of our customers. By carefully planning and executing your security tests, and then reporting the results and providing feedback, you ensure that our customers can continuously optimize their security and keep it up-to-date. While conducting your security tests, you also keep a close eye on security.

In addition to carrying out tests in the field of OT in response to customer questions, you will also be involved in other tests from our portfolio, which our customers take from us. Moreover, there is room to further develop both yourself and your colleagues with the knowledge and skills you bring from your OT experience. We hope that you, in collaboration with our Cyber Fusion Centre, will be willing to share your experience in order to strengthen our vision and offering in the field of OT and to keep our customers optimally secured.

What can you expect from us?


First things first: you will receive a permanent employment contract with 30 days' holiday per year. You can organise your own working hours in consultation with your colleagues and customers.


What do you want to achieve and what support do you need? You will receive regular training and support in achieving your professional goals. You can also develop further within Northwave.


It is important to us to respect and value each other - as professionals and as people. The best way to get to know your 230+ colleagues from the Netherlands and Germany is to take part in one of our many activities, such as our annual trip to the theme park.


You will be equipped with a modern MacBook and iPhone. We have height-adjustable desks in our offices and our CEO loves to set us up with merchandise ;-)


In order to be mobile at all times, you will receive either a company car or a BahnCard 100 (also for private use).

What else...

No, the fruit basket in the office is not a benefit for us, but a matter of course - just like coffee, tea and lemonade. Have you ever tried Dutch caramel waffles?

Job requirements

The most important thing for us is that you fit into the team and are keen to help shape and advance Northwave. Of course, we also have a few technical requirements for this position.


You have a relevant academic degree and ideally one of the following certifications: OSCP, OSEP, CRTO and/or VCA (not a must, but a plus!)?

Knowledge and experience

You have several years of experience in performing vulnerability assessments and penetration testing in both IT and OT environments. And you have profound knowledge or experience of network security. Things like protocols, firewalls, intrusion detection systems (IDS), virtual private networks (VPN), but also security protocols like TLS and SSH hold no secrets for you.

Other strengths

You can work independently, are well structured and communicative. You can report and present complex technical findings in a clear and engaging way to all levels within an organization. And you speak very good German and English.
We know there's a lot you should know and be able to do, but what we'd really like is get in touch with you to see if there is a  match! So if you have any doubts or questions, please let us know!


I look forward to receiving your application.

If you have any questions, please contact me directly:
+49 173 687 2818

Find out more about working at Northwave here:

  • Leipzig, Sachsen, Germany


  • Leipzig, Sachsen, Germany