About Northwave
Defending the digital frontier is our mission.
At Northwave, 275 cybersecurity specialists transform how organisations approach digital safety. From our HQ in Utrecht, along with offices in Germany, Sweden, and Belgium.
Northwave combines ethical hacking expertise with behavioral psychology insights and cutting-edge security management at the highest level. We respond to threats and anticipate them, providing 24/7 managed security services and tailored solutions for each client's journey.
By joining Northwave, you’ll become part of an organisation where innovation drives results, whether your talents lie in technical penetration testing or strategic client partnerships. Here, your expertise will grow and help shape the future of digital security across industries, leaving a lasting impact.
Our Red Team
Our Red Team lives for hacking. With challenging penetration tests and red team exercises, we ensure that our clients are optimally protected. We work closely with Northwave's Blue Team, Threat Intelligence, and CERT to make our clients more resilient. We are proud of our role as a TIBER and ART provider and our impact in the Benelux, DACH region, and Nordics.
The Role
As a seasoned Red Team Operator, you will work on clever attack scenarios to test and strengthen our clients. You will train Blue Teams during Purple Teaming workshops and present results to all levels of the organization, from technicians to CEOs. Thanks to our diverse expertise, you will have the opportunity to discover new vulnerabilities and share unique tactics on (inter)national platforms.
How we achieve this
Everything starts with an intake: what are the crown jewels? Together, we develop realistic attack scenarios and document agreements in a Rules of Engagement document. Then we immediately get to work with techniques such as OSINT, malware building, spear phishing, and exploiting vulnerabilities.
What you bring
• Several years of hands-on experience in penetration testing and/or red teaming
• Proven experience working within the TIBER and/or ART frameworks
• Ability to design realistic attack scenarios that deliver clear business value
• Strong knowledge of modern attacker TTPs and a habit of staying continuously up to date
• Solid experience with Active Directory environments and working knowledge of Entra ID
• Excellent OPSEC skills and sound judgement on when and how to apply pressure during engagements
• Ability to clearly explain complex technical findings to both technical teams and executive stakeholders
• A collaborative mindset and motivation to share knowledge within the Red Team and the wider security community
• A relevant technical background (Bachelor or Master level) and/or certifications such as OSCP, OSEP, CRTO, or willingness to obtain them
Interested in building systems that are used under real pressure, not in theory? Contact Youri Roelofs at [email protected].
Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!
Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.
Specialist Q&A's