Key skills
Cyber SecurityLinuxActive DirectoryLeadership
About this role
Role Overview
- Plan and conduct realistic attack simulations and technical security assessments against our clients' IT systems, networks and infrastructures
- Build, further develop and provide technical leadership for our Red Team with a focus on coaching, quality assurance and methodological advancement
- Identify, analyze and exploit vulnerabilities in internal and external networks, server landscapes, operating systems, security appliances and other infrastructure components
- Perform manual infrastructure penetration tests, Active Directory assessments, network segmentation reviews as well as checks of hardening measures and security configurations
- Develop and deploy custom attack techniques, tools, exploits and attack paths to realistically emulate modern threat scenarios
- Chain individual vulnerabilities into complex attack scenarios to clearly demonstrate actual risks and potential impacts for our clients
- Produce high-quality reports on discovered vulnerabilities, attack paths and technical risks, including practical recommendations and tailored countermeasures
- Collaborate with Blue Teams to improve detection and defense strategies and participate in Purple Team exercises to directly translate attack insights into defensive measures
- Support the development of new attack vectors, testing methods and operating models for Red Team engagements and infrastructure security assessments
- Deliver internal knowledge-sharing presentations, reviews and coaching for new employees
Requirements
- University degree in IT Security, Cyber Security, Computer Science, Business Informatics or a comparable field
- Minimum 3–4 years of relevant professional experience in Offensive Security, including at least 2 years in Red Teaming projects or complex infrastructure penetration tests
- Solid experience performing manual penetration tests of internal and external networks, Windows and Linux systems, Active Directory environments and infrastructure components
- Very good understanding of network technologies, operating systems, authentication mechanisms, network segmentation, hardening concepts and typical enterprise infrastructures
- Mandatory certification: CRTO or CRTL and at least 2 additional relevant certifications in Offensive Security, e.g. OSCP, OSEP, CPTS, OSWE, PNPT or equivalent
- Experience producing meaningful technical reports and presenting complex attack scenarios and risks in an understandable manner
- Team player with a strong sense of responsibility and enjoyment in coaching new colleagues and developing a team professionally
- Excellent written and spoken German and English
Tech Stack
- Cyber Security
- Linux
Benefits
- Flexible working hours and the option to work remotely
- Individual training and development opportunities
- Various company benefits (annual Vienna public transport pass, subsidized lunch and more)