Ethical Hacker vacancy

By 8 February 2021 February 17th, 2021 News, Offensive Security, Jobs

Do you want to help our clients feel safe?

You are curious and always on the lookout for potential risks. You want to use your knowledge to make a positive contribution to society. You want to be relevant and make our clients digitally resilient. In that way we can all make the Netherlands more digitally secure.

Do you want to use your knowledge and skills within an organisation where you can really make an impact? Do you agree with us that hacking is not just about tools? In short, are you ready to take a new step in your career and do you feel at home in an entrepreneurial environment in which there is plenty of opportunity to help expand our Red Team? If so, come and work at Tesorion. We are an ambitious organisation which is building a future as the best and most enjoyable cybersecurity player to work for in the Netherlands.
You will find yourself part of a friendly and open team that appreciates your contributions and innovativeness. Are you someone who does not shirk a challenge, who perseveres where others give up, are always up-to-date on the latest developments in the field of IT and cyber security and also have the courage to apply that knowledge in practice? If so, then you are the person we are looking for!

At Tesorion we are looking to recruit an Ethical Hacker.

Pioneer

Inventiveness

Creativity

Capacity to adapt

Enjoyable assignments

What will my tasks be?

Your primary task will be to simulate attacks on (computer) systems and networks. In this way you will expose vulnerabilities and advise on how these can be mitigated so that they cannot be used by an external party. As a result you will make it impossible, for example, for a malicious third-party to obtain and/or misuse financial information, passwords, personal data or intellectual property.

In this role it is important that you are analytical, enterprising and creative. As an ethical hacker you understand the importance of writing (in Dutch and English) a comprehensive report and you can share and present your research results in language that ordinary people can understand. You, of course, have a flexible attitude and are perfectly prepared to work regularly at clients’ premises (of course in the Covid-secure way).

What will my role be?

Although it goes without saying that no two days are the same when you work as an Ethical Hacker, we would still like to try and give you an impression of an average working day:

We start the day with a cup of coffee or tea and a short online Teams call. You will then have an opportunity to tell your colleagues about an article you have read, or a tutorial you have seen and with regard to which you want to explore the technical aspects in more detail. Your colleagues will be interested to find out more and you suggest giving a short presentation during the next lunch&learn session. After that you will continue carrying out an assessment for a client. You receive a message from a CERT colleague asking whether they can engage you for a second opinion. They have a case and know that you have gained experience previously in this specific area.

It seems to be an excellent opportunity to apply your expertise in practice, so you get in contact with them. CERT often means urgent, so it is good to check that. At the end of the afternoon a colleague calls you to find out whether you have time to carry out a pen test. You agree to assess the client’s requirements, together with the account manager, and to determine whether a pen test is in fact the best way to help this client. At the end of the day you update your reports so that you are ready for the next day.

Which skills do I need?

There are, of course, a number of skills we would like you to have:

  • You are familiar with (hacking) tools such as metasploit, burp etc.
  • You are practical and you can create a script if you have to repeat something a third time.
  • You have an excellent command of the Dutch language in word and writing.
  • You are a builder and have a go-getter mentality, meaning that if it does not exist, you will create it.
  • You are able to work independently and are a self-starter and can, of course, also work well with others.
  • You are able to exchange knowledge and experience with the various experts within Tesorion and work closely with the Threat Intelligence, SOC and T-CERT colleagues.
  • You really enjoy circumventing and discovering existing usage behaviour.
  • You know how you can combine various vulnerabilities in order to gain increased access to sources which are normally protected.
  • You are able to apply your knowledge of networks and (web) applications in practice.
  • You are creative, never stop learning and actively update your knowledge
  • You have the necessary technical know-how and like sharing it with others.
  • You are able to perform assessments of (web) applications, infrastructures and various other components. You are also able to combine various expertises within the framework of Red Team assessments. This requires considerable ingenuity.

What is Tesorion offering me?

  • A salary that is in line with your knowledge and experience.
  • 25 days off per year.
  • A leased car.
  • A personal choice budget, for example to purchase extra days off.
  • A laptop and a telephone allowance.
  • We regard your personal development as a priority and that is why we will be specifically working with you on that as well.
  • A pension scheme, because we also consider your future to be important.
  • The chance to help build a new organisation in which plenty of opportunity is offered for your own responsibility, contributions and creativity.

Are we the right match?

If this challenge appeals to you and you would like to use your knowledge and experience to keep our clients cyber secure, please send as your CV and motivational letter using the form below.

Please feel free to ask questions. In that case you should contact our Red Team Manager, Dejana Grbovic, on +31 (0)6 33 69 43 11.

Apply immediately (Dutch only)

Any attempt at acquisition as a result of this vacancy will not be appreciated.