Staff Offensive Security Engineer at RD Saúde focused on Adversary Emulation and Purple Engineering, improving adversary simulations and defenses through collaboration and structured exercise plans.
Responsibilities
Act as a Staff Offensive Security Engineer in Adversary Emulation & Purple Engineering, performing adversary emulations and scheduled offensive tests to measure, improve, and continuously sustain the effectiveness of prevention, detection, and response.
Define and maintain the Purple Team / Adversary Emulation strategy and roadmap (objectives, scope, rules of engagement, communication, and governance).
Plan and execute scheduled adversary emulation exercises based on TTPs (MITRE ATT&CK) and threat intelligence, focusing on continuous improvement (detection, response, hardening, and automation).
Develop Adversary Emulation Plans and realistic attack scenarios, prioritized by risk/criticality and aligned with business context.
Conduct ad-hoc offensive tests (e.g., exposure validation, controlled exploitation, identity abuse, lateral movement, and simulated exfiltration) in a safe and authorized manner.
Work side-by-side with the Cyber Defense Center (CDC) to validate detection hypotheses, telemetry gaps, alert quality, and response times; support the evolution of playbooks.
Support the Automation Core in automating collections, simulations, instrumentation, and continuous validation (detection-as-code, pipelines, and repeatable tests).
Produce detection engineering artifacts (e.g., Sigma/KQL/SPL rules, correlations, logging requirements) and actionable recommendations (mitigations and reconfigurations).
Conduct debrief sessions, lessons learned, evidence recording, and retests to validate fixes and the evolution of the defensive posture.
Define metrics and executive/technical reports (e.g., ATT&CK coverage, detection rate, telemetry gaps, control effectiveness) and track action plans.
Technically manage vendors and service providers (scope, quality, evidence, SLAs, validation, and acceptance), ensuring adherence to the rules of engagement and to the improvement objectives.
Act as a technical reference, helping to establish the practice, delivering internal training, and defining standards and best practices.
Requirements
Completed bachelor's degree.
Solid experience in Offensive Security: red team, pentest, war games, adversary emulation and/or purple teaming.
Proven practice in conducting Purple Team exercises with effective collaboration between offensive and defensive teams, turning findings into verifiable improvements.
Mastery of MITRE ATT&CK (tactics, techniques, and procedures) and the ability to structure emulation plans and scenarios from threat reports and evidence.
Practical knowledge of emulation and post-exploitation tools and techniques in corporate environments (with safety and authorization), plus strong fundamentals in networking, Windows/Linux, and identity.
Experience in detection engineering (rules/queries, correlation, telemetry and logging) and integration with SIEM/EDR/XDR and automation/SOAR.
Ability to operate with governance: rules of engagement, operational risk management of tests, documentation, evidence, and reporting.
Experience managing technical vendors and service delivery (defining scope, validating deliverables and acceptance).