Type:
Permanent employment
Location:
Zoetermeer
Education:
Associate degree (EQF 5), Bachelor (EQF 6)
Published:
10/08/2022
Status:
Open
Apply before:
05/10/2022
Hours p/wk:
37

How

You will become part of a small team of autonomous individuals who, alone or together, will research and attack systems, networks and applications in the pursuit of risk discovery. You will prove your thesis by conducting the attack, make that risk transparent to the other party and give advice on its remediation. As a member of this team you will enjoy an atmosphere that dispenses with the idea of up-selling services and billable hours; we are a small team focused on making KPN more secure. We place strong emphasis on self-development because, as a team, we believe that this is the path towards more effective individual members.

 

Why

More than ever the digital landscape is shifting, and threats in the digital world can be, and sometimes are, more effective than traditional military armaments. The intention is to integrate security into the mindset of not just our own interests but to be an example to others that security can, and should, be part of the development of any project. As a member of this team you will enjoy an atmosphere that dispenses with the idea of billable hours and focuses instead on self-development because, as a team, we believe that this is the path towards more effective individual members.

 

Where

You will mainly work in our Amsterdam office, near station Amsterdam Sloterdijk. At times you will be required to appear at other locations (Hilversum, Den Haag, and anywhere else required), but these occasions are not as regular and travel expenses are covered.

 

With whom

With the REDteam of KPN Chief Information Security Office (CISO).

 

Your biggest impact

Keeping KPN reliable, secure and trusted by customers, partners and society.

 

Your role as

You will participate in the testing and security efforts of KPN and her interests. Your challenge would be:

1. Keeping up to date with current attack methodologies and events;

2. Development of tooling to help you automate certain tasks;

3. Consistently training and improving your skill set;

4. Effectively communicating issues to colleagues and project members.

 

Your role will also involve collaborating with other branches of the business to deal with broader security concerns like planned awareness engagements, real world incidents and the risk assessment of real world geopolitics.

 

What are you bringing us

A desire to learn the things you don't know, a desire to share the things you do, and the wisdom to know the difference. You are someone who looks at things and automatically starts thinking from the perspective of a malicious actor: how they would exploit its weaknesses, whether physical or digital. You enjoy CTFs and cipher puzzles, and spend your spare time reverse engineering binaries or playing games like Hack The Box.

 

We accept many people from many walks of life, so don’t be afraid if your degree seems unrelated to the position. There will be a chance to show us what you can do. If you already have your OSCP and/or OSCE then all the better.

 

A working knowledge of Python, Linux systems and Windows systems/PowerShell is a must. Knowledge of OWASP, NIST and CIS would also be beneficial.

 

Skills focusing on mobile app security, cloud security, physical device hacking and wireless communication protocols would be great, but are not required (the desire to learn more about these topics is, however, an implicit requirement).

 

Who we are

We are an attack-focused branch of the security information office (CISO) of KPN. We plan, coordinate and execute engagements on projects, infrastructure and the systems of KPN proper. Sometimes these engagements are purely digital, sometimes they are physical (trying to get into buildings you are not supposed to be in) and sometimes these engagements are unannounced to the wider company (phishing campaigns, for example). We are a team dedicated to discovering our flaws before our adversaries do, whether external or internal, and to aiding in their mitigation in a timely manner. We are a team of people who have an utter thirst for knowledge and we pride ourselves on our training and self-development allowances. If you think you would fit well within a team of autodidacts who love learning and sharing that knowledge with each other, then please contact us.

 

What do you get in return…

  • A 37-hour work week (with the option of a 40-hour work week if you prefer)
  • A gross salary of (max) €5560 plus 10,5% top-up payment
  • Excellent employment terms and benefits
  • A company-issued laptop, cellphone (with unlimited plan) and discount on personal device subscriptions should you choose to go with KPN (50% reduction in monthly costs)
  • NS business card for travel expense coverage
  • A generous training budget (10K max) that can be used for nearly anything you wish to further your development in your career
  • Participation in our ‘New way of working’ which affords some freedom over the timing and location of your work.
  • Excellent pension opportunities
  • Nice cozy environment with all the facilities, laptop, monitors etc.
  • Guidance from experienced colleagues, who will gladly help you to develop further, but also like to learn from you