Ethical Hacker

The digital landscape is changing more than ever before, so the threats in the digital world can sometimes be more dangerous than traditional military weapons. The aim is to integrate security into our thought processes, not only in our own interests, but also as an example to others that security can and must be part of the development of every project.

Your role as Ethical Hacker

You are someone who looks at things and automatically starts thinking from the perspective of a malicious actor. How they would exploit its weaknesses, whether physical or digital. You enjoy CTFs, cipher puzzles and spend your spare time reverse engineering binaries or playing games like hackthebox.

• You are responsible collectively for identifying risks and drawing up risk analyses.
• You do this by studying and attacking systems, networks and applications.
• By carrying out a genuine attack you highlight the risk for the other party and you give the necessary advice on that basis.

This is your team

As an Ethical Hacker at KPN CISO you are part of a small team of dedicated and autonomous individuals. As a member of this team you enjoy an atmosphere in which the idea of selling services and of billable hours does not exist. We are a small team that focuses on making KPN more secure. We put the emphasis firmly on self-development because we believe as a team that this is the way to make individual members more effective. The workload is varied, from hacking mobile apps to hardware, from web applications to complex infrastructures. We take your preferences into consideration whenever possible.

What will you get from us

Of course, as an employer, we also have a lot to offer you. This is what you get from us:

• A gross monthly salary of at least € and up to € depending on your work experience.
• A 37-hour working week.
• A supplement of 10.5% of your gross monthly salary (including 8% vacation allowance).
• A variable bonus scheme of 7% in line with scale 10.
• Every year an individual and collective increase under the KPN CAO [collective labor agreement].
• A generous training budget (maximum 10, euros) that can be used for almost anything you want to further the development of your career.
• A good work-life balance (two days in the office, three days at home, transition leave, swapping public holidays for others that fit in with your religious or cultural background).
• 50% discount on KPN products and services such as KPN Internet.
• A commuting allowance of €0.23 per kilometer or full refund of 2nd class public transport, €10 per month internet, & homeworking allowance of €2.15 per day.
• Excellent pension provisions, KPN contributes 16% and you contribute 7%.

What will you bring us?

You are someone who looks at things and starts automatically to think from the perspective of a malicious actor.

How would they exploit the weak points, both physically and digitally?

You enjoy CTFs and coding puzzles and you spend your leisure time reverse engineering software or playing games like Hack the Box.

We accept people of diverse backgrounds, so don’t worry if your qualifications don’t seem directly related to the job. You will get an opportunity to show what you can do. If you have your OSCP and/or OSCE, so much the better. Knowledge of OWASP, NIST and CIS would be useful too. Skills in the field of mobile app security, cloud security, hacking of physical devices and wireless communication protocols would be great but are not a requirement (being willing to learn about these topics is, however, an implicit requirement).

To be able to do this well, you need to meet the following requirements:

• Experience with Python, Linux systems and Windows systems / Powershell.
• Appropriate knowledge of current attack methodologies and occurrences.
• Development of tools for automating specific tasks.
• Effective communication skills.
• At least two years of experience as a pen tester.

Even if you don't meet all the requirements listed, we still encourage you to apply.

• You apply. Is this job opening your dream job? Thank you for applying. We will receive your application and contact you soon. 
• Phone call. We'd like to get to know you better. We'll schedule an initial meeting. One of our recruiters will contact you by phone. 
• Second interview. Both sides still satisfied? Then a second interview will be scheduled. 
• Welcome to the team. Welcome to KPN. Today your introduction program starts.