An exciting role where you will get the opportunity to work amongst world class ethical hackers and security professionals and gain exposure to a variety of technologies and systems.
What are you going to do?
You will report to the Ethical Hacking team lead in KPN’s Information Security Office and will perform penetration tests of KPNs core networks, products and services and KPN client’s systems as required. You will apply your expertise to isolate, research, and exploit vulnerabilities on hardened devices. You will also be responsible for documenting your findings and creating recommendations for improved network, device, and application security. You will be performing penetration and vulnerability tests in accordance with industry-accepted methods and protocols.
Projects may include:
• Perform redteam exercises against KPN and customer environments
• Performing network-based and application level penetration tests
• Performing security assessments of radio networks (e.g Wifi GSM LTE)
• Reverse Engineering embedded devices
• Developing testing scripts and procedures
• Other security-related projects that may be assigned according to skills
What are the requirements?
• Minimum of 2 years work experience performing security penetration tests, including web application, infrastructure, and mobile application penetration tests
• Well-developed skills in at least some of the following: software reverse engineering on multiple architecture types (e.g. x86/x86-64/arm), hardware reverse engineering, radio frequency analysis, multiple OSes (e.g. Linux, Windows, OSX), common tools (e.g. Burp, Nessus, Fiddler, IDA Pro, radare2, gdb, peda, nmap, ncat, tcpdump, nikto), programming languages (e.g. C/C++, Python, Powershell, Objective-C, Java), and web technologies (e.g. RESTful APIs, websockets, MVC)
• Strong ethics and understanding of ethics in business and information security
• English language written and communication skills
• Investigative skills
• Understanding and familiarity with common penetration testing methods and standards
• Be able to work independently, with minimal supervision
• Be able to complete tasks and deliver written reports suitable for viewing by internal and external stakeholders on time
• You are a strong team player with good communicational skills
What do we offer?
• Solid salary and benefit package, including an excellent pension
• Excellent professional and personal development opportunities including a generous personal training budget
• Access to ethical hacking resources including software, e.g. BurpSuite Pro, Nessus, IDA Pro and hardware, e.g. oscilloscope, logic analyzer, soldering iron, desoldering station, high-end SDR hardware.
• High-spec’d laptop
• Time to participate in SectorC CTF team.
• Working in a friendly, fun, professional and ambitious team
KPN has a Central Information Security Office which consists of four teams: a team that focuses on strategy and policy to harden KPN against hacking attempts (Strategy and Policy), a team that focuses on detecting and verifying the risks of KPN and customer systems (Ethical Hacking), a team that focuses on responding to cybercrime (Computer Emergency Response Team) and a Senior Security Officers team to verify and carry out security in the business. This job posting is for a position in the Ethical Hacking team (also known as REDteam).
Interested in this position?
If you are interested in securing the position of Ethical Hacker at KPN, we look to receive a short letter of application and your CV. For more information about the vacancy and the recruitment process, please contact Nicolette Schmitz – Meunier, KPN Recruitment, via mobile +31 6 233 018 36 or via email firstname.lastname@example.org. An (e-)assessment and screening are part of the procedure of KPN.