Are you the responsible rebel we are looking for?
The most dangerous person is the one who listens, thinks and observes.
Offensive DevOps at Hunt & Hackett
At Hunt & Hackett we believe that modern cyber security to catch the bad guys requires cloud native applications, the right - often high volume - data sources, automated security regression tests and a ”we don’t reinvent the wheel” mentality. Therefore, as an Offensive DevOps’er at Hunt & Hackett you are not yet another IT guy to us, but of vital importance to live up to our core principles and be the organization we envision to be.
It’s your job to build a so-called Breach Attack Simulation (BAS) environment as code for our customers, based on existing tools available in the market. With such a platform you can continuously simulate attack techniques in the infrastructure of an organization, to determine whether the right prevention and/ or detection measures are taken. Next to building the platform, making sure it is scalable and connecting it to our Security Operations Center (SOC), you are also responsible for building these simulations. This means that you will be additionally researching attack techniques and translate these into simulations which can be deployed in a customer environment to determine how vulnerable they are for such an attack (click HERE for more information on BAS). Lastly, you will also help (external) offensive teams to become better, by automating parts of their test so that they can focus on what humans are good at, while your nice little fleet of machines & automated tests can focus on what they are good at.
Terms like Azure, Active Directory, Process Injection, Hooking and EDR evasion are your bread and butter and part of your daily routines. You like *-as-code and in particular security-detections-as-code and attack-simulation-as-code. You are not necessarily a coder, but you appreciate what they do, and can communicate about best practices and ‘getting ready for production’ with them. Automation is the first word you say when you wake up in the morning and you typically go to great lengths to actually do a task only once manually. Terraform, Ansible and Puppet are your friends.
Finally, you are not only able to stitch things together, but also able to properly document the cohesion between different component and how things work together. You can translate the technical benefits to business benefits and vice versa. Next to that, you have a “customer first” mindset and find flexible solutions to support our customers best.
The Hunt & Hackett wish list. The right candidate:
- Proficient in high-level script languages such as Python
- Experience attacking modern Linux distributions as well as Microsoft Windows systems
- Experienced in configuring and maintaining Microsoft 365
- Strong experience building and maintaining production systems on AWS, GCP, Azure
- Experience with offensive frameworks and curious about the latest research on bypassing EDR solutions
- Experience with continuous integration, testing and deployment
What is your wish list? As a minimum, Hunt & Hackett offers you:
- The opportunity to safeguard Europe’s leading organizations;
- A unique culture of ‘responsible rebellion’ where you can learn from the best to get the most out of yourself;
- The most innovative approach to get the job done;
- Being part of a winning team, with room for fun, learning and developing yourself;
- A proper laptop and phone to get the job done;
- A modern pension, which is transparent and can be controlled by yourself;
- Lunch is provided by, build & enjoyed with the team;
- Employee share participation scheme;
- Compensation for your travel costs.
A culture of ‘responsible rebellion’
Only (very) talented, multidisciplinary teams of threat hunters, intelligence analysts, reverse engineers, data scientists, developers and hackers are able to outsmart the increasingly professional community of cyber attackers. We pride ourselves as a force for the good and as such we think and act as responsible rebels. We are not ‘just another security company’, and our people are not ‘just employees’. Everyone at Hunt & Hackett wants to be the best in their field and focusses at delivering next-gen levels of service. This means that we:
- Push the envelope. Everyone at our teams takes the responsibility to make our work better every day, by being creative to color outside of the lines if needed.
- Help you to become the best version of yourself. We bring together the best minds in the field, to inspire each other and to learn from each other. Personal development and growth are important to us and our customers.
- Build mission driven teams. We believe in the power of small teams who can focus on strategic tasks, not on repetitive work that can be automated. It’s up to you to make this happen.
- Believe that God is in the details. Tiny details can have a huge impact, especially in security. This is why we champion tradecraft. We are system thinkers that oversee the big picture but who are simultaneously obsessive about the details.
- Are Responsible Rebels. We are polite. We are courteous. We show professionalism. Yet we have a plan to kill everyone in the room.
For more information or to apply, send an email to jobs@huntandhackett.com. Do note that a pre-employment screening is part of the application and selection process and precedes employment.
Submit a talent!
Introduce your network