You will be participating in the preparation, execution or coordination of ethical hacking (RED teaming) of Rabobank’s (IT) services and processes to strengthen the corporate resilience against potential (cyber) threat scenarios. You are also actively involved in the presentation and follow-up of the RED teaming operations. 

Currently we are building up a dedicated Rabobank RED team. The goal of the RED Team is to improve security at Rabobank by finding actual flaws and exploiting those. The team has a global coverage and executes on average five to seven operations each year. For most RED team operations, we work together with external contractors. 

Who are you?
You are a driven and pragmatic professional with a wide variety of interests, knowledge and experience in (IT) security, Incident Response as well as (Cyber) Threat Intelligence and Ethical hacking. You are creative, pro-active, a teamplayer and always think of the consequences of your actions. You are brave, don’t feel blocked by boundaries but do stick to agreed plans and necessary constraints. You can convince people by telling a compelling story with actionable parts in it.

Our department 
The RED team is positioned within the Global Information Security Office. The team is organized in Utrecht but you will be working on multiple locations in The Netherlands and/or abroad if required.
 

Functie-eisen

Your profile
• You are pragmatic, flexible and capable of independently steering on complex ethical hacking operations.
• You’re comfortable with being out of your comfort zone. 
• You have the capability to perform complex analysis to be able to define, structure and prioritize required actions. You also capable of keeping the overview and statuses of these actions.
• You are capable of developing ethical hacking scenarios in regards to complex bank processes and IT systems.
• You have strong verbal and written communicative skills in English and Dutch. 
• You’re experienced in giving presentations and are capable of transferring a clear and solid message to people with and without technical background.
• You are a team player and are aware of the sensitivities within the organization. 
• You have integrity and know how to work with classified information.
• You’re aware of cyber security trends and leatest threats.
• You like to read articles in which the latest hacks are written down with the smallest level of detail.

Technical skills:
• Deep knowledge and experience in IT, Security, Cyber Threat Intelligence, executing forensic IT investigations and/or Red Teaming.
• Knowledge and experience in analyzing different attack techniques and resources such as rootkits, malware, Trojans, man-in-the-middle attacks etc.
• You are up-to-date with the latest developments in cybercrime and IT security.
• Experience with python, C, PHP and shell scripting.
• You have experience with different security technologies such as Security Information Event Monitoring, Intrusion Detection Systems, firewalls, proxies, vulnerability scanning, honeypots, cyber threat intelligence etc.

Preferred qualifications (but not limitative):
• Bachelor or Master, preferred in IT/Security 
• GCIH, GCIA, GFCA, OSCP or equal certifications. 
• 5+ year working experience in an IT function.
• 3+ working experience in an IT security function
• Screening

Direct reageren op deze vacature