Offensive Security Expert

Details

We're looking for an Offensive Security Expert for attack simulation in the Cyber Defence department. Do you want to be responsible for testing the organisation’s cyber resilience? Do you like to collaborate with a team to assess the organisation’s security posture and develop improvement proposals? And do you like to engage relevant disciplines and stakeholders to implement practical solutions that continuously enhance the bank’s overall security posture? If so please continue reading and apply online!

Responsibilities

• Execute a range of offensive security activities primarily focused on attack simulation; when required, perform threat actor emulation, purple teaming, red teaming, and in-depth research into attack techniques.
• Apply an offensive mindset to the bank’s attack surface and ensure systems, applications, and processes are tested, assessed, and secured.
• Actively contribute to evolving the bank’s approach to offensive security and related areas within Cyber Defence, including threat-driven cybersecurity and cyber resilience.
• Identify gaps, report them, and provide advice on remediation; develop improvement proposals and engage relevant disciplines and stakeholders to implement practical solutions.
• Propose improvements to ways of working and contribute to increasing the maturity of the Cyber Defence department and the offensive security capability.

Working environment

• Part of the Global Cyber Intelligence Centre (GCIC) within Grid Cyber Defence, part of ABN AMRO's Corporate Information Security Office (CISO) located in the Netherlands.
• Collaborate with motivated cybersecurity experts and analysts with specialisations such as cyber threat intelligence, adversary simulation, (threat intelligence based-) security assessments and detection engineering.
• Work in an agile environment with close collaboration across multiple departments.

Requirements

• Approximately five years (or more) of relevant experience in the offensive security domain.
• Leadership experience and strong leadership skills.
• Experience in executing adversarial techniques, tactics, and procedures (TTPs).
• Experience in performing threat and/or risk assessments.
• In-depth experience in complex Windows, macOS, and Linux environments.
• In-depth experience with complex IT architectures.
• Hold one or more relevant certifications (e.g., OSCP, OSEP, CRTO, CRTP).
• Excellent communication skills, analytical skills, proactive and pragmatic attitude, fluent English, curious and willing to learn and experiment.

We are offering

• € 6.793 - € 9.704 per month (gross), based on a 36‑hour work week, including holiday allowance and a flexible benefit budget.
• An excellent pension scheme.
• Flexibility in working: working from home is possible in consultation with your team; an ergonomic home office setup will be provided.
• Five weeks of vacation per year plus two mandatory days off; option to purchase up to four additional weeks of vacation annually.
• Five “Banking for better days” extra days off for personal development or volunteer work.
• Personal development budget of €1,000 per year (can accumulate up to €3,000).
• Annual public transport pass with free public transportation throughout the Netherlands for both business and private use.
• Excellent employment conditions; more details available in the Collective Labour Agreement (CLA) that applies to this vacancy.

Application

• Submit your application online. For further information, contact Jaap van Oss (Expert Lead, Global Cyber Intelligence Centre) via email.

Application procedure

1. Apply online
2. CV selection and feedback
3. Job interview(s)
4. Possible assessment
5. Job offer
6. Congratulations on your new job!
7. Onboarding Desk