Plan and execute realistic red team scenarios (on-premises & cloud)
Identify and document security vulnerabilities and attack paths
Conduct purple team engagements to validate detection and response
Adapt attack techniques based on defensive tooling
Translate findings into actionable improvements for offensive and defensive capabilities
Provide clear reports and briefings for technical and non-technical stakeholders
Track findings and support remediation efforts
Participate in cybersecurity incidents, including on-call duties
Support analysis, containment and recovery
Improve playbooks, detection rules and response procedures
Plan and coordinate external penetration tests (scope, schedule, stakeholders)
Support internal teams during engagements
Deliver training and workshops
Share techniques, tradecraft and insights
Mentor colleagues and promote a strong security culture
Support international teams and collaborate with broader IT security teams
Requirements
2–5+ years of experience in offensive security / red teaming / penetration testing (hands-on experience required)
Strong knowledge of attacker tactics, techniques and procedures (TTPs)
Understanding of defensive security concepts (SIEM/SOC, detection, logging)
Solid knowledge of Windows, Linux, Active Directory and enterprise architectures
Fundamentals of web, network and cloud security
Ability to communicate risk clearly and produce high-quality documentation
Excellent communication and stakeholder management skills
Collaborative approach, able to drive alignment and remediation
Excellent English skills, good German skills
Certifications (e.g., OSCP, CPTS) are a plus.
Tech Stack
Cloud
Cyber Security
Linux
Benefits
An onboarding plan, welcome events and a buddy system to ensure the best possible start
A discounted DO&CO canteen is available at the office, and you also receive financial support for meals when working from home
A modern, bright office with break areas in the city center and modern IT equipment provide a good working environment
Discounted insurance and a company subsidy provide security. Additionally, vouchers for supermarkets, perfumeries, furniture and DIY stores and more can be redeemed
Flexible working hours tailored to your needs
Option to work from home, plus a financial starter package for personal use
Remote work within the EU: work up to 20 days per year from an EU country of your choice
Stress-free commute: optimal accessibility by public transport
Support from the works council
benefit from a wide range of subsidies and offers
Vaccination campaigns, check-ups and blood donation drives are regularly offered on site
Free and anonymous coaching sessions for personal and professional challenges
We cover 50% of your annual public transport ticket
We offer various training and development opportunities to help you grow professionally and personally
From summer parties and after-work get-togethers on the rooftop terrace to mulled wine in winter