The digital landscape is changing more than ever before, so the threats in the digital world can sometimes be more dangerous than traditional military weapons. The aim is to integrate security into our thought processes, not only in our own interests, but also as an example to others that security can and must be part of the development of every project.
Your role as Ethical Hacker
You are someone who looks at things and automatically starts thinking from the perspective of a malicious actor. How they would exploit its weaknesses, whether physical or digital. You enjoy CTFs, cipher puzzles and spend your spare time reverse engineering binaries or playing games like hackthebox.
This is your team
As an Ethical Hacker at KPN CISO you are part of a small team of dedicated and autonomous individuals. As a member of this team you enjoy an atmosphere in which the idea of selling services and of billable hours does not exist. We are a small team that focuses on making KPN more secure. We put the emphasis firmly on self-development because we believe as a team that this is the way to make individual members more effective. The workload is varied, from hacking mobile apps to hardware, from web applications to complex infrastructures. We take your preferences into consideration whenever possible.
What will you get from us
Of course, as an employer, we also have a lot to offer you. This is what you get from us:
What will you bring us?
You are someone who looks at things and starts automatically to think from the perspective of a malicious actor.
How would they exploit the weak points, both physically and digitally?
You enjoy CTFs and coding puzzles and you spend your leisure time reverse engineering software or playing games like Hack the Box.
We accept people of diverse backgrounds, so don’t worry if your qualifications don’t seem directly related to the job. You will get an opportunity to show what you can do. If you have your OSCP and/or OSCE, so much the better. Knowledge of OWASP, NIST and CIS would be useful too. Skills in the field of mobile app security, cloud security, hacking of physical devices and wireless communication protocols would be great but are not a requirement (being willing to learn about these topics is, however, an implicit requirement).
To be able to do this well, you need to meet the following requirements:
Even if you don't meet all the requirements listed, we still encourage you to apply.