Information Security Specialist responsible for developing ISMS under ISO 27001 and guiding audits. Collaborating closely with IT and management while ensuring compliance and documentation.
About the role
- Red Team Security Consultant conducting complex Red-Team operations, including technical attacks and security checks for various clients. Collaborating with clients to enhance security measures and reporting findings effectively.
Responsibilities
- Conduct complex Red Team operations that combine technical attacks (e.g., network exploitation, cloud attacks), social engineering and physical security assessments
- Plan, coordinate and execute Red Team projects in close collaboration with our clients
- Document analyses in detailed reports and advise on implementing measures to remediate identified vulnerabilities
- Actively advance the Red Team program by developing new attack techniques, optimizing tools and sharing knowledge within the team
- Deliver workshops and training to strengthen our clients' security awareness and support the continued development of our internal Red Team methodology
Requirements
- Completed degree in (business) computer science, IT security, engineering or a comparable qualification
- Demonstrable experience in Red Teaming or penetration testing, ideally with certifications such as OSCP, CRTP, CRTO
- Solid knowledge of Red Team techniques (e.g., social engineering, exploit development, lateral movement) and methods such as adversary emulation, phishing, post-exploitation or exploit development; familiarity with MITRE ATT&CK is a plus
- You drive the Red Team program strategically, introduce innovative approaches and enjoy coaching your team members
- You work independently, meet deadlines and are customer-oriented
- Very good German and good English skills, and willingness to travel regularly, including for physical security assessments
Benefits
- Our Personal Growth Model and Coaching & Leading approach provide close, comprehensive support for both your long-term development and day-to-day work
- Wide range of training opportunities, including bootcamps, language and certification courses, as well as individual coaching
- Flexible career model and our "Fluid Company" approach: you decide where and how quickly you progress
- We try to make as many positions as possible available on a part-time basis
- Mobile Work Policy: work comfortably from home or from one of our offices
- Mobile Work Abroad: you can work up to 50 days per year from within the EU
- 30 days of annual leave, additional days for special family circumstances, and various sabbatical options
- A fixed monthly mobility budget so you can travel flexibly and in an environmentally conscious way
- Our values — responsibility, energy and collaboration — are central to our everyday culture
- Fair and attractive salaries consisting of a fixed and a performance-based component
- Monetary benefits such as EGYM Wellpass and exclusive corporate shopping discounts
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Threat Detection & Response Engineer at ICF developing cyber analytic capabilities for federal cybersecurity. Engage in project design and countermeasure capabilities while collaborating with key stakeholders.
Technician in Occupational Safety at Telefônica working on safety programs to prevent workplace accidents. Ensuring compliance with safety regulations in Ribeirão Preto/SP.
Cybersecurity Engineer at Mythics implementing Zero Trust security architecture for federal systems. Collaborating with senior engineers on secure data movement and vulnerability remediation.
Lead Information Security Engineer focused on phishing mitigation in Cybersecurity at Wells Fargo. Engaging in threat detection and incident response across various teams.
Principal Engineer implementing generative AI for cybersecurity at Wells Fargo. Act as a strategic advisor to leadership while overseeing security and AI initiatives.
IT & Cybersecurity Manager leading IT infrastructure and cybersecurity efforts at knok. Ensuring secure, scalable systems to support the digital transformation of healthcare.
Security Systems Technician maintaining physical security technologies and supporting enterprise security operations. Ensuring system integrity and compliance through troubleshooting and vendor collaboration.
IT Security Expert creating and managing SIEM solutions to strengthen Europe's defence capabilities. Collaborating in a small elite team to solve significant security challenges rapidly.
Senior Manager in Regulatory Compliance ensuring effective risk management within the Information Security Group. Overseeing regulatory compliance and governance while leading automation efforts.