Security Researcher / Ethical Hacker

Apply now

Security Researcher / Ethical Hacker

Hack the system!

Full-time · Enschede

We are looking for an ethical hacker for our internal ‘Red Team.’ Along with your colleagues in the team, you will search for possible vulnerabilities in our infrastructure, software components, and processes. We are looking for someone who is aware of the latest developments in the field of cyber security, has a real "hacker mindset," and also enjoys sharing their knowledge within the company.

What will you be doing?

  • Performing (internal) penetration tests for other DevOps teams, implementation teams, customers, or annual security audits;
  • Sharing knowledge in the field of security within Sqills. For example, by writing internal blog posts, giving a talk, or organising a Capture the Flag (CTF) for colleagues;
  • Implementing automated security tests and tooling for security testing;
  • Researching new vulnerabilities in external frameworks, libraries, and software that we use within Sqills.

About you

  • Bachelor and/or master degree in IT, preferably in cyber security, security management or related (minors in this field are also an option). Or a demonstrable passion for security and proven skills;
  • You think like a hacker and have demonstrable experience in web security. This could be as a penetration tester, bug bounty hunter, security researcher, etc;
  • Aware of developments in cybersecurity and the OWASP top 10 and knows how to find and exploit these vulnerabilities;
  • Enjoys participating in CTFs or likes to "pwn" a box at HackTheBox;
  • Experience in programming, code reading, and recognising vulnerabilities in the code. Java and/or Golang is a plus;
  • Ability to work independently and as part of a team.

This is a challenging opportunity to work on a product with a significant impact and make a significant contribution to the rail- and bus transport industry. If you are a talented and driven ethical hacker or security researcher, we would love to hear from you.


Our software is complex enough, applying for a job shouldn’t be. That's why we only want some basic information.