Offensive Security Analyst (EU Institution)

For one of our clients within an EU institution, we are currently looking for an Offensive Security Analyst. The selected candidate will play a key role in strengthening the institution’s cybersecurity resilience by proactively identifying vulnerabilities within critical systems, applications, and ICT infrastructure. Working within established EU regulatory and security frameworks, the analyst will conduct controlled security assessments to ensure the protection of sensitive information and essential digital services.

Key Responsibilities

• Conduct offensive security assessments, including vulnerability identification, exploitation analysis, and red-team or adversary-simulation exercises.
• Execute structured security testing engagements based on recognized methodologies
• Analyze results, validate findings, and provide clear, actionable guidance for mitigation.
• Prepare comprehensive technical reports and concise management summaries tailored for different audiences.
• Collaborate with system owners, developers, and infrastructure teams to support remediation and verify the effectiveness of corrective actions.
• Contribute to the development and improvement of internal offensive security methodologies, tools, and procedures.
• Support broader cybersecurity activities, such as incident response exercises, threat modelling, and security audits, when required.
• Stay informed on emerging threats, vulnerabilities, and attack techniques relevant to EU institutional environments.
• Ensure that all testing activities comply with EU regulations, including GDPR rules and internal security policies.

Required Qualifications

• University degree in Information Security, Computer Science, Engineering, or a related field.
• Demonstrated experience in offensive security, red-team operations, penetration testing, or ethical hacking.
• Solid understanding of network and application security principles, operating systems, cloud environments, and emerging technologies.
• Practical experience with security testing tools and frameworks
• Strong analytical capabilities and attention to detail.
• Ability to produce high-quality documentation for both technical and non-technical stakeholders.
• Very good command of English; knowledge of an additional EU language is an asset.