Job Description
As Senior Offensive Security Consultant in Dubex, you will work closely with renowned cybersecurity experts to secure companies against cyberthreats and play a key role in shaping Dubex’ services within offensive security.About DubexDubex is Denmark’s leading business specialist on IT security, delivering and supporting security solutions on more than 500 locations around the world. For nearly 25 years, Dubex has helped private companies and public institutions in managing risks, adapting to change, and enabling growth.Dubex cultureThe company culture is based on the founder’s passion and curiosity for technology and cybersecurity. Their technical expertise and knowledge are a great part of Dubex’ professional image and encourage everyone to live out their inner geek as an expression of true enthusiasm. To thrive, it is therefore central to bring a genuine professional interest in the subject, technical or not, as it is often the reason for people coming together and making a difference in their work.Offensive Security ServicesOffensive Security Services is a new team responsible for delivering value-driven high-quality services within offensive security. Services include application pentesting, network pentesting, AD pentesting, endpoint pentesting, red teaming, vulnerability scanning, and phishing campaigns. OSINT and IoT are potential additions to the portfolio.You will join a team that initially consists of you, another offensive security specialist, and the team manager, although Offensive Security Services will utilize capacities across the organization, working closely with skilled cybersecurity specialists in SOC and Cyber Defence Center (CDC). There is an environment of strong technical expertise, where help will always be available when needed.As part of a new team, you will embark on an interesting journey in Dubex, with a manager who invests time in creating the best motivational working conditions for high performance. Besides flexible working hours, meetings will be kept to a minimum to ensure the least possible distractions.The managerYou will refer to Head of Offensive Security Services, Lone Juul Dransfeldt Christensen, who has extensive experience in penetration testing and vulnerability assessment/management from consulting and large IT companies, where she has worked in both specialist and management positions.As a manager, Lone is dedicated to delivering high quality and the well-being of her team. To her, this is founded on open and honest communication. She encourages people to be themselves and to share anything – including feedback on areas where she can improve. She keeps a constant eye on the ball and expects her team to show initiative and motivation at work, as she will do her best to create the surroundings to support it. As a manager, Lone prioritizes diversity and ‘the new workspace’ as high values. She promotes diverse backgrounds as they provide flexible thinking and will use new scientific research to facilitate discussions on the best ways of working. She is at eye-level with everyone and focuses on solving things together as a team.The positionAs Offensive Security Specialist in Dubex, you will work closely with renowned cybersecurity experts to secure companies against cyberthreats and play a key role in shaping Dubex’ services within offensive security.Your primary responsibility is to lead a variety of offensive security assignments, such as penetration testing end-to-end with customers. You will ensure technical depth in your assessments, while maintaining a close dialogue with the customer about scoping, vulnerabilities, and recommendations. Your ability to translate complex technical findings into a language understandable by the customer is clearly reflected in the reports, where findings and recommendations are presented in a concise and understandable manner.To maintain focus, you will mainly be working on one assignment at a time and developing your report during testing using automated tools. Working alongside passionate and technically skilled cybersecurity professionals, good peer review will always be close. You will also have a close sparring partner in your relationship with your manager, with whom you will occasionally team up on given assignments.With new emerging cyberattacks, you will collaborate closely with specialists in the Cyber Defence Center, sharing live insights on events and on the behaviors of threat actors. Additionally, to continuously improve services and internal processes, you will maintain a good dialogue with sales and marketing to understand external demands and provide them with feedback that ensures high-quality services throughout the customer journey.It is a position where curiosity, engagement, and teamwork are highly valued, as you will experience significant influence on how to approach your tasks, and a great interest in new ideas and how to optimize services and procedures.Working for a cybersecurity company founded on principles of knowledge-sharing and ‘joining forces’, you will be given time to conduct research within your field and participate in key industry conferences and events as the company’s offensive security specialist.Primary responsibilitiesPerform penetration testing, vulnerability scans, red team engagements, vulnerability assessment, and management to improve customers' overall security posture.Technical report writing and documentation of red team and penetration testing activities.Customer engagement to address concerns, issues, or escalations on findings.Shape and improve offensive security services to enhance internal processes and ensure the best solutions for customers in close collaboration with the teams.Research and presentations on key cybersecurity events.Minimum RequirementsBachelor’s degree in a technical discipline (or equivalent work experience).3+ years of working experience in one or more of the following areas: penetration testing, threat intelligence, security control and vulnerability assessments, secure software development.One or more certifications within offensive security (e.g., OSCP, OSWP, OSEP, OSWA, OSWE, eCPPT, eCPTX, eWPT, eMAPT, CRTP).Experience from an organization/position with a strong consulting presence is considered an advantage.Security clearance.Key CompetenciesAnalytical with an eye for detail. You place an emphasis on ensuring a good basis for decision making, ensuring the necessary details and depth in your investigations of complex (technical) issues.Initiative and proactive. You enjoy a busy environment, where you are able to take initiative and be productive. You are not afraid to challenge the existing way of doing things with a focus on optimizing processes and services.Communicative. You consider communication style based on the audience, with the ability to communicate highly technical findings to a non-technical audience clearly. You are comfortable with the preparation of documentation and reports.Passionate and knowledge-seeking. You are passionate about cybersecurity and attaining knowledge on new trends. You find it natural to seek answers to things you do not know and aspire to help set new standards within cybersecurity.Authentic and convincing. You demonstrate professional and personal integrity towards stakeholders, customers, and co-workers from your strong virtue of being well-prepared and the depth of your technical skills. Your argumentation has a convincing effect.We encourage all qualified applicants to apply regardless of age, sex, gender, gender identity or expression, sexual orientation, religion, country of origin, or ethnicity. #J-18808-Ljbffr