Junior Pentester/Ethical Hacker

Have you started popping boxes on Hack The Box, followed plenty of online hacking tutorials, and believe you are now ready for the real deal? We are looking for a new ambitious Junior Penetration Tester (Pentester) to join our experienced security team.

As a Junior Pentester, you will perform technical security assessments by hacking into our client's web applications, mobile apps, and networks. You understand how web applications are built, can read and write code, know how to find weak spots and pinpoint programming mistakes, and are aware of how hackers can potentially exploit these vulnerabilities. Once you are onboard with DongIT, you'll start hacking on projects immediately. Actual client projects will be on your desk!

Through innovative hacking techniques and methods, you will search for vulnerabilities and security issues within the scope of the assigned project. Your findings will be documented accurately in our in-house developed Pentesting Reporting Platform (securityreporter.app). This means you will not be working with amateurish Microsoft Word reports. Instead, rich markdown with proper code blocks and an advanced templating engine. Once you have finished a pentest, you will discuss and present your findings with our clients. Naturally, you will be mentored by our Senior Pentesters. All your work is reviewed, providing valuable feedback to improve your knowledge and hacking skill set.

Requirements

• BSc or MSc degree in a relevant major, such as:
  • Cybersecurity or IT Security.
  • Computer Science.
  • Software Engineering.
  • Mathematics.
• In possession of eCPPT, OSCP, OSWE, Security+, or similar certification is an advantage.
• Passion for information security and a hacker mindset.
• Knowledge base:
  • Programming or scripting languages such as PHP, C, Python, and Ruby.
  • Network architecture and network security.
  • Verbal and written English communication skills.
• Experience:
  • 1 to 3 years of relevant work or hobby experience (e.g. cybersecurity, pentesting, web development, network management).
  • Personal or professional software development projects and/or performing code reviews.

What you enjoy

• Learning and adopting new technologies and hacking methods.
• Using your creativity to think outside of the box.
• Working in a structured manner and landing accuracy in your reporting style.
• Being a team player and working independently where needed.
• Participating in CTFs, hacking competitions, and following tutorials and courses to improve yourself.

What we have to offer

• Complex and challenging security research for large reputable clients.
• Personal development with opportunities to take courses, obtain relevant security certifications, attend seminars/workshops and visit conferences.
• An informal working environment with a lot of (technical) experience in which everyone is happy to share their knowledge.
• Flexibility in working hours, with the possibility to work (fully) remotely or at our comfortable workspace in the center of Leiden.
• Ability to grow with the company, follow a career path with more responsibilities and work on the most complex security projects for exciting clients.
• Encouragement to develop your own initiatives; we are a flat organization where we can quickly implement innovative ideas.
• In addition, of course, the basic things such as a competitive salary, high-end laptop, pension scheme, fresh fruit in the office, Friday afternoon drinks, company outings, and lots of fun.

Note: Acquisition in response to this vacancy is not appreciated. We do not accept candidates through third parties, including recruitment parties, employment agencies, headhunters, and outsourcing organizations.