Offensive Security Specialist

Whether we talk about IoT consumer products, automotive, medical devices, or industrial control systems, security of embedded systems is important and very often used in solutions, which combine devices, systems, infrastructure, web and mobile applications. Within this fast evolving landscape, Bureau Veritas Cybersecurity gets many customer requests to validate these solutions. Moreover, Bureau Veritas Cybersecurity is actively working on standardization of security assessments for these various industries.

What we are looking for:

In this context we are looking for a Security Specialist. As a Specialist you will perform the technical assessments of either embedded products, software or web/mobile applications, in line with the applicable security evaluation methodology. This can be either a "free-form" penetration test, or testing in line with the requirements of a specific standard or certification scheme. Direct interaction with the customer for the purpose of defining the assessment scope, as well as during the assessment execution is expected as well. Finally, the role will provide opportunities for security consultancy (technical topics) given to the customer, especially regarding the way in which they can address the security issues resulting from the conducted testing.

As a Security Specialist you will:

• Perform the technical assessments for the targets in scope, in line with the agreed assessment methodology;
• Be a technical lead for performed technical assessments
• Get involved in both technical (content specific) as well as management level discussions with external customers, in order to explain or support the execution of security assessment (and certification) projects;
• Report the results of the assessment, and directly interact with the customers in order to explain them the results of the assessment and way forward;
• Align with the customers for the purpose of understanding their needs in terms of testing;
• Provide consultancy for the customers, in order to address their security needs or findings;
• Support Bureau Veritas Cybersecurity's Account Managers in the process of defining a lead, by providing the intended project approach and effort estimation;
• Support and execute allocated R&D projects;
• Contribute substantially to internal/external knowledge sharing via training courses, blog posts, articles, brochures, news items;
• Train and present for clients and internal;
• Perform tools and methods validation projects and state results and their interpretations in a report.

What you need to have:

• A completed Bachelor's or Master's, in a relevant (technical) domain;
• A couple of years of relevant working experience as a penetration tester;
• Affinity and experience with testing of embedded devices: IoT, hardware, firmware and electronics;
• Experience with performing code reviews such as C, C#, C++, Python, PHP and preferably with low level languages ;
• A strong drive to understand the needs of the customers, and map them to possible offered services;
• Passion about maintaining and further developing the range of offered services;
• Customer oriented mentality, focused on delivering what it is expected in the required timeframe, while at the same time not cutting on the level of technical quality.

What would be nice to have:

• Experience with testing of web and mobile applications, or a strong will to get training and develop in this area;
• Experience with binary exploitation and reverse engineering ;
• Any penetration testing certification such as eWPT(x), eCPPT, OSCP, OSCE
• Experience with testing of embedded products, with focus on external interfaces and/or internal components and signals.

What you can expect with us:

Together with a great team of offensive professionals, you will have the opportunity to develop and expand your knowledge and expertise in cybersecurity.

We have offices in the two main technology centers of the Netherlands: Eindhoven and Amsterdam. This role can be filled from either location.

• Growth opportunities:
  We are a fast growing company and you will have the opportunity to grow in this. Whether it involves responsibilities, increasing your visibility within and outside the organization, or attending training and education, at Bureau Veritas Cybersecurity your career development is key.
• Cool projects:
  You will work with a wide range of renowned clients and customers. This gives you the opportunity to demonstrate your expertise and apply your skills in different environments, allowing you to continue to grow and learn. We do not only offer opportunities for projects within the Netherlands. There will also be opportunities internationally.
• Culture:
  At Bureau Veritas Cybersecurity, we value celebrating successes and creating an enjoyable work environment. We regularly organize fun activities ranging from annual ski trips to various wine and beer tastings, sailing trips, barbecues and more. Here, team building is key.

Are you interested in this vacancy?

Do you have questions or would you like to apply? You can do so via

Pre-employment screening and assessments are part of the selection process and annual social media screenings and check of criminal record will be conducted.