Ref: #67814

Penetration Tester

ob Title:

Penetration Tester – Web, Cloud & Network Security

Location:

Netherlands (Hybrid/Remote possible)

Contract Type:

Full-time / Permanent or Freelance


About the Role:

We are looking for a Penetration Tester with 2–3 years of hands-on experience to join our cybersecurity team. In this role, you will focus on assessing and exploiting vulnerabilities across web applications, cloud environments, and network infrastructures. You’ll be part of a growing security team with the flexibility to work remotely or from our offices in the Netherlands.

You will help strengthen our clients' security posture by conducting ethical hacking engagements, providing actionable findings, and working alongside blue teams to improve defenses.


Key Responsibilities:

  • Perform penetration tests and security assessments on:

    • Web applications (OWASP Top 10, business logic flaws)

    • Cloud environments (AWS, Azure, GCP)

    • Internal and external networks

  • Document vulnerabilities, exploits, and findings with clear technical and business impact

  • Collaborate with DevOps, Cloud, and Infrastructure teams to advise on remediation steps

  • Contribute to red/purple team exercises if required

  • Stay up to date with emerging threats, vulnerabilities, and tools

  • Participate in post-engagement debriefs with technical and non-technical stakeholders


Required Skills & Experience:

  • 2–3 years of hands-on penetration testing experience

  • Solid understanding of web application security (e.g. XSS, SQLi, SSRF, IDOR, etc.)

  • Experience testing cloud platforms (AWS, Azure, or GCP)

  • Good grasp of networking concepts (TCP/IP, DNS, firewall, VPN, VLANs)

  • Familiarity with tools like Burp Suite, Nmap, Metasploit, Nikto, Gobuster, Wireshark, etc.

  • Basic scripting knowledge in Python, Bash, or PowerShell

  • Ability to write clear, concise, and professional reports

  • Comfortable working independently or as part of a distributed team


Nice to Have:

  • Certifications such as OSCP, eJPT, CRTP, PNPT, or CEH

  • Exposure to DevSecOps or CI/CD pipeline testing

  • Experience with Active Directory exploitation

  • Dutch language skills (not mandatory)

Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!