We're Hiring: Pentester (Offensive Security)

📍 Remote (in the EU) | 🕓 Full-time | 🛡️ Hackurity.io

Hackurity.io is a Dutch offensive security company operating at the intersection of red and blue. We’re looking for a sharp Purple Teamer who thrives in real-world attack simulation and isn’t afraid to get their hands dirty helping secure what they just broke.

What You'll Be Doing (BAU):

Delivering one-off penetration tests across the full stack:

• Web-facing apps, APIs, and corporate sites (Hard requirement — we mean real experience, not checkbox scanning)
• Internal networks, servers, and classic infrastructure (Hard requirement — we mean real experience, not checkbox scanning)
• Running phishing campaigns and adversary simulation exercises
• Building and improving internal network security tooling
• Reviewing and hardening cloud environments (AWS, GCP, Azure – pick your poison)
• Writing custom Nuclei templates to expand our detection arsenal

Bonus points if you have experience with:

• Kubernetes (even if it’s just spotting misconfigs and reading manifests)
• WAF bypasses or tuning (modsec, Cloudflare, etc.)
• OSINT tooling and methodologies
• Dark web recon and monitoring
• CREST certification (or similar – not required, but shows you're battle-tested)
• Automating away boring tasks

Requirements:

• Must live in the EU (regulatory requirements)
• Language doesn’t matter, but fluent English is a must (spoken + written)

What We Offer:

• Autonomy, speed, and a low-bullshit environment
• Exposure to diverse clients and threat landscapes
• A fully remote work environment
• A chance to contribute to productized tooling and shape the future of purple teaming

About You:

• Offensive security is your baseline, but you’re comfortable flipping the script and sometimes building defenses too
• You communicate clearly — internally and with clients
• You want impact, not just tickets

Sound like your kind of chaos? Let’s talk.