Penetration Tester (Red Team)

Red Team Penetration Tester (Contract)

Germany (Remote with occasional on-site requirements)

Contract/Freelance

We are seeking an experienced Red Team Penetration Tester to join our team on a contract basis. In this role, you will perform advanced red teaming exercises and penetration tests to identify vulnerabilities within our clients' systems. You will work closely with cybersecurity teams to simulate sophisticated attacks on various network infrastructures, applications, and environments to help bolster their defence mechanisms.

This is an exciting opportunity for someone who thrives in high-pressure environments, is passionate about cybersecurity, and enjoys uncovering critical vulnerabilities in a creative and strategic manner.

Key Responsibilities:

• Conduct red team assessments, including simulations of adversarial tactics, techniques, and procedures (TTPs) on client systems.
• Perform thorough penetration testing on networks, applications, cloud environments, and IoT devices to identify and exploit vulnerabilities.
• Develop detailed attack scenarios to simulate advanced persistent threats (APTs) and provide clients with a clear understanding of the risks and possible mitigation strategies.
• Create detailed and actionable reports, including technical breakdowns of findings and risk assessments for both technical teams and senior leadership.
• Collaborate with blue teams to provide realistic attack scenarios and post-assessment reviews to improve defensive capabilities.
• Keep up-to-date with the latest cybersecurity threats, trends, and attack vectors to ensure the highest level of expertise in assessments.
• Provide recommendations for security improvements based on vulnerabilities and industry best practices.

Requirements:

• Proven experience (3+ years) in red teaming, penetration testing, or offensive security.
• Strong expertise in penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Cobalt Strike, Kali Linux, etc.).
• Deep understanding of network protocols, security architectures, and vulnerability assessment methodologies.
• Familiarity with tactics, techniques, and procedures (TTPs) used in real-world cyberattacks (e.g., MITRE ATT&CK framework).
• Proficiency in coding/scripting languages (Python, Bash, PowerShell, etc.) to customize tools or create exploits.
• Experience with reporting and communicating complex findings to both technical and non-technical stakeholders.
• Certifications such as OSCP, OSCE, CEH, or similar are highly desired.
• Fluency in both English and German.
• Ability to work independently, with a willingness to travel for on-site engagements when necessary.

Preferred Skills:

• Experience with OT (Operational Technology) environments or ICS (Industrial Control Systems) security is a strong advantage.
• Knowledge of cloud security and experience performing penetration testing in cloud-based environments (e.g., AWS, Azure).
• Experience in working with agile and DevSecOps environments.

What We Offer:

• Competitive contract rates based on experience.
• Flexible working conditions, including remote work.
• Opportunities to work with leading organizations on high-impact cybersecurity projects.
• Continuous learning and professional development through collaboration with experienced cybersecurity experts.