We are looking for an ethical hacker for our internal ‘Red Team.’ Along with your colleagues in the team, you will search for possible vulnerabilities in our infrastructure, software components, and processes. We are looking for someone who is aware of the latest developments in the field of cyber security, has a real "hacker mindset," and also enjoys sharing their knowledge within the company.
What will you be doing?
- Performing (internal) penetration tests for other DevOps teams, implementation teams, customers, or annual security audits;
- Sharing knowledge in the field of security within Sqills. For example, by writing internal blog posts, giving a talk, or organising a Capture the Flag (CTF) for colleagues;
- Implementing automated security tests and tooling for security testing;
- Researching new vulnerabilities in external frameworks, libraries, and software that we use within Sqills.
- Bachelor and/or master degree in IT, preferably in cyber security, security management or related (minors in this field are also an option). Or a demonstrable passion for security and proven skills;
- You think like a hacker and have demonstrable experience in web security. This could be as a penetration tester, bug bounty hunter, security researcher, etc;
- Aware of developments in cybersecurity and the OWASP top 10 and knows how to find and exploit these vulnerabilities;
- Enjoys participating in CTFs or likes to "pwn" a box at HackTheBox;
- Experience in programming, code reading, and recognising vulnerabilities in the code. Java and/or Golang is a plus;
- Ability to work independently and as part of a team.