Pentester / Red Teamer

As an Offensive Security Engineer – Pentesting / Red Teaming, you will plan, conduct, and execute pentesting and red teaming activities to identify vulnerabilities in systems, networks, and applications, and validate the effectiveness of the organisation’s detection, prevention, and response capabilities by performing sophisticated attacks. This role emphasizes the ability to perform comprehensive tests, assist in remediation efforts, and contribute to the development of long-term security strategies.

Your job

You are responsible for executing advanced penetration tests and red team activities on ABN AMRO’s information assets. You identify gaps, report them, and advise on ways to fix them. As an expert, you stay well informed on the latest developments and actively share this knowledge with your colleagues. You signal improvements related to the way of working inside the team and contribute to improving the maturity and coverage of the service offering.

Working environment

You will be part of the Security Assurance team within the Corporate Information Security Office (CISO) of ABN AMRO in the Amsterdam region. The team works together in an informal way and offers a lot of variety and opportunities to keep developing yourself. It consists of around 10 skilled ethical hackers with a mix of national and international backgrounds, with English as the main language. ABN AMRO works in an agile way where speed, productivity, agility, and innovative power come first. For you, this means an interactive and inspiring way of working together across the team and with different departments of the bank.

Your profile

Required hard skills:

• Approximately 2+ years of relevant work experience in red teaming and experience in penetration testing.
• Several relevant certifications such as OSCP, OSCE, GPEN, GXPN, etc.
• Expert understanding of Red Team operations, scenarios, attacker TTPs, tooling, and security control bypass techniques.
• Strong understanding of web application, network, and infrastructure vulnerabilities and exploitation techniques, such as the OWASP Top 10.
• Fluency in English, both verbal and written.
• Strong coding and scripting skills in Python, C/C++, PowerShell, or similar.

Required soft skills:

• Pragmatic and analytical, with good communication and social skills.
• Ownership of your own and the team’s delivery, with a proactive attitude.
• Enjoy training and coaching junior colleagues and sharing knowledge.

Nice-to-have skills:

• Fluency in Dutch, both verbal and written.
• Experience identifying vulnerabilities and exploitation techniques specific to AI/ML systems, including adversarial attacks, data poisoning, model evasion, and testing agentic technologies.
• Maintaining or contributing to open-source repositories related to security tools, techniques, or research, demonstrating practical expertise and innovation in the field.
• Having found multiple CVEs.
• Enjoying CTFs and publishing write-ups.
• Presenting at leading conferences.
• Experience with TLPT / TIBER.

We are offering

We offer a challenging job in which you are directly responsible for your own successes. There are strong opportunities for personal development and for staying on top of your technical knowledge.