Cyber Security Pentester (Red Team Role) - EU Institution

Who are we?

NRB - Trasys International is a dynamic global organization that takes pride in being the trusted partner of EU Institutions. With strong commitment to excellence and a 30-years track record of delivering high-quality solutions, we are dedicated to supporting the growth and success of our clients. Our Mission is to help our clients keep up with the challenges of digital transformation by providing the right talent at the right time for the right job. To this end, we are constantly looking for talented professionals who are interested in working on challenging international projects and able to deliver high-quality results within multicultural environments. Our services include (but are not limited to) modernization of solutions, digital workspaces, cloud technologies and IT security. Our Headquarters are in Brussels and we have active accounts and offices across Europe (i.e. Luxembourg, Amsterdam, Athens, Stockholm, Geneva).

Is this YOU?

We are seeking a mid-senior level Cyber Security Pentester for a major EU Institution on-site in The Hague, NL.

You would be part of a team focusing on penetration testing, vulnerability management and red team-related work in cross collaboration with IT teams at every level.

Responsibilities:

• Collaborate with IT teams to develop and implement effective remediation plans

  and detections.

• Prioritize vulnerabilities using risk assessment methodologies.

• Develop and maintain custom scripts and tools for vulnerability analysis.

• Contribute to the development of vulnerability management policies and procedures.

• Assist in compliance audits related to vulnerability management.

• Managing vulnerability management platforms (e.g., Tenable).

• Perform manual vulnerability assessments.

• Scripting (e.g., Python, PowerShell) for custom vulnerability checks.

• Strong understanding of exploit frameworks and threat intelligence.

• Assessing vulnerabilities in both on-premises and cloud infrastructure and applications.

• Ensuring compliance standards related to vulnerability management.

• Clearly present findings in written and oral form, to both technical and non-technical audiences.

• Lead penetration testing engagements on various targets in on-premises and cloud infrastructure.

• Conduct comprehensive tests, including automated and manual testing.

• Identify and exploit a wide range of vulnerabilities and misconfigurations.

• Collaborate with stakeholders to define penetration testing scopes and objectives.

• Develop and customize penetration testing methodologies.

• Create detailed and actionable reports with remediation recommendations.

• Stay updated on advanced attack techniques and emerging threats.

• Provide detection teams sufficient context for collaborative purple team improvement efforts.

Core requirements:

• Minimum of 6 years of experience in cybersecurity, with at least 3 years specifically in penetration testing, vulnerability management, and red teaming.

• Mastery of red teaming methodologies, techniques, and evasion tactics.

• Proficiency in penetration testing methodologies and tools.

• Strong scripting skills in PowerShell or Python.

• Advanced knowledge of vulnerability assessment tools and methodologies.

• Must be located in commutable distance to The Hague, South Holland, Netherlands or Netherlands.

• Familiarity with advanced red teaming techniques and tools.

• Familiarity using Cloud On-Prem tools (Azure, etc.)

• In-depth knowledge of various types of vulnerabilities (e.g., software, network, web applications).

• Proficiency in advanced vulnerability scanning and assessment techniques.

• Ability to analyze and prioritize vulnerabilities based on risk.

• Familiarity with penetration testing methodologies and tools.

• Knowledge of threat intelligence sources and their relevance to vulnerabilities.

• Understanding of security frameworks and standards.

• Skill in creating and maintaining a vulnerability database.

• Certifications in Cyber Security within Pentesting / Offensive Cyber Security - CISSP, OSEP, etc. or similar.

#LI-JG1