Penetration tester

Employee

Join Toreon, the cybersecurity company that’s all about empowering individuals and
organizations in the field of cybersecurity. Our team of over 50 security domain experts is
driven by knowledge and impact, partnering with companies to define and implement
strategic security roadmaps. Through coaching, training, and collaboration, we increase our
clients’ security maturity, as well as our own expertise.

Join Toreon, the cybersecurity company that’s all about empowering individuals and organizations in the field of cybersecurity. Our team of over 50 security domain experts is driven by knowledge and impact, partnering with companies to define and implement strategic security roadmaps. Through coaching, training, and collaboration, we increase our clients’ security maturity, as well as our own expertise.

About the Challenge

You will join a committed security team of 15 Toreonites that is already working with great enthusiasm on different penetration projects such as web application -, infrastructure -, Mobile -, API -, AI penetration testings en red teaming.

As an ethical hacker you ensure that security vulnerabilities are identified and further reported at management level to the end customer. Delivering quality is therefore of utmost importance. By performing quality assurance on other penetration testing reports you ensure that errors are filtered and in this way you learn from your colleagues.

In the execution of internal and external infrastructure penetration testing you will thoroughly research vulnerabilities in network infrastructure, IT systems, active directory and exploit them thanks to your insights in network architecture.

In addition you will identify web vulnerabilities in web application penetration testings and exploit web exploits using the latest insights in web development and tools.

Afterwards you are also an expert in analyzing mobile vulnerabilities and exploiting mobile exploits. You have a good view on the different tools and mobile developments.

You are the best at recognizing API vulnerabilities and exploiting API exploits.

Finally, you are a master in subverting AI systems.

In the time that is left you will do research and look for CVE’s in public code bases.

In short: discovering, investigating and solving cybercrime. Are you the ethical hacker/ detective that we are looking for? Then be sure to continue reading.

Requirements

You have the knowledge about different tools and insights to do a web application -, infrastructure -, mobile – and API penetration testing such as: Burp, Nikto, SQLMap, OWASP, CVSS 4.0 rating, Nessus, NMAP, responder, Bloodhound, Active Directory, network architecture, Zero days, Mobsf, Postman…
You have experience with quality assurance. You can handle with tools such as AttackForge and Office suite. You have the insights in penetration testing to give constructive feedback about the rapports
You have an understanding of business problems and processes. You can detect security problems within companies Understanding the business and investigating in a systematic way is one of your skills
You enjoy interacting with others. You like giving presentations and presenting your work at a business level
You can speak and write professional English and Dutch. (French is a plus.)
You are in possession of a relevant bachelor or Master degree within IT or equivalent; engineering, computer sciences,…
You are certified within OSCP and one of the following certificates would be a plus: OSCE, OSEP, OSED, SANS Xpen, Corelan, SANS 584 and SANS 560

You have the knowledge about different tools and insights to do a web application -, infrastructure -, mobile – and API penetration testing such as: Burp, Nikto, SQLMap, OWASP, CVSS 4.0 rating, Nessus, NMAP, responder, Bloodhound, Active Directory, network architecture, Zero days, Mobsf, Postman…

You have experience with quality assurance. You can handle with tools such as AttackForge and Office suite. You have the insights in penetration testing to give constructive feedback about the rapports.

You have an understanding of business problems and processes. You can detect security problems within companies. Understanding the business and investigating in a systematic way is one of your skills.

You enjoy interacting with others. You like giving presentations and presenting your work at a business level.

Communicate effectively in both professional-level Dutch, English. Knowledge of the French language is considered a plus.

You are in possession of a relevant bachelor or Master degree within IT or equivalent; engineering, computer sciences,…

You are certified within OSCP and one of the following certificates would be a plus: OSCE, OSEP, OSED, SANS Xpen, Corelan, SANS 584 and SANS 560.

Inside out

You are people-oriented and enjoy advising others. You can adapt well to any situation and you can motivate others and give them insights. Showing respect for others is important.

In addition, you take responsibility for your own actions and you act correctly. Discretion in handling sensitive information and self-discipline can be seen in the results of your projects. Within your projects, we can see that you are the best in your field. You make efforts to grow your knowledge but also to share knowledge with others.

What to expect

A scaling-up cybersecurity company that’s making an impact in the world

A fun, professional and educational environment where knowledge sharing is king

A team that loves to work hard and play hard

An open feedback culture that values your input

Room for your own initiatives and plenty of opportunities to grow

A learning path and expansive training budget to help you achieve your goals

A flexible work environment that respects your work-life balance

And, of course, we offer you an attractive salary package, a team you can learn from and you will be supported in obtaining certificates and other training.

Don’t worry if you don’t check off all the requirements for this amazing opportunity. We believe in your unique awesomeness and talents. Attitude and culture fit matter just as much. So, let’s chat, bring your unique self and let’s rock the endless possibilities together!