Penetration Tester (m/w/d), Schwerpunkt: OSINT, Threat Intelligence (TI), Red Teaming

About the job

Your tasks

• Conducting OSINT analyses, threat intelligence (TI) and on-site reconnaissance for red team assessments
• Planning and execution of realistic phishing and social engineering campaigns
• Conducting penetration tests and red team assessments
• Creating your own scripts and adapting the open source tools used
• Conception and implementation of IT security workshops and live hacking sessions (trade fairs, customer events, etc.)
• Independent project management
• Moderate travel for testing and customer appointments (domestic & international)
• Support in tender discussions, scoping of test scopes
  
  

your profile

• Strong interest in offensive security, very good analytical skills
• Sound consulting skills, high degree of initiative and good social skills
• Solid knowledge of at least one of the following languages: PowerShell, Bash, Python, C#/.NET, Java
• Good knowledge of OSINT tools such as Shodan, Maltego, Google Dorks, FOCA, Eyewitness...
• Basics of testing network perimeters and web applications
• Very good written and spoken German and English skills
  
  

This position isn't a 100% fit for you?  But you're passionate about offensive IT security?

Then we'd love to get to know you.  

Feel free to send us an email to jobs@nsideattacklogic.de!  

We'd also appreciate the following, but it's not a prerequisite:

• Certifications such as GCTI or similar
• Experience with red team assessments
• Experience with the TIBER framework
• Experience in offensive threat modeling/risk analysis
• University degree in computer science/IT security
  
  

This is what we offer you

• Flexible and mobile working
• 30 days vacation
• Clearly defined on-boarding process with a personal mentor for the first few months
• Attractive bonus program
• Exciting and varied projects at companies of all sizes and industries
• 5 training days + corresponding training budget per year
• Promotion of certifications (e.g. OSCP, OSCE)
• Modern workplace environment + dedicated budget for workplace design
• Regular, fun team events and shared lunches
• Flat hierarchies and fast and direct communication channels
• Room for initiative and creativity (development of tools and new attack methods)
• a young team with a collegial atmosphere
• Generous selection of drinks and snacks (everything your sweet tooth desires and more)
• excellent transport connections
• Modern, air-conditioned office building
  
  

About us:

More than 250 clients and 14 DAX-listed companies trust our many years of experience and technical expertise.Since 2014, with headquarters in Munich and over 25 employees, we have been offering a comprehensive portfolio of services in the field of offensive IT security.These include penetration testing, OSINT/WEBINT, red teaming, purple teaming, phishing simulations, and awareness workshops.

‍