Job matched to your search
Ethical Hacker
bol · Utrecht
Free · Join 5,000+ job seekers using Qarera
How well do you match this role?
Tap the skills you already have â then see your real match score, whatâs missing, and your resume fixed for this job.
Job description
How do you make our customers happy? By wielding the sharpest digital swords in your arsenal and stealthily hacking away at anything and everything that stands between you and the prize: sneaky, backdoor entry. đ Obviously, you do this without nefarious intent â you own an impressive collection of stylish hats, and theyâre all #FFFFFF â and immediately share your methods and findings with the team so we can take the appropriate action and close any holes you berserked your way through. In short: you go on the offensive to make our platform safer for customers and partners.
What You Do As Ethical Hacker Youâll join the Security Operations team of hackers, defenders, and âif itâs fixable, consider it doneâ problem solvers. A team where âredâ and âblueâ specialists blend into a beautiful purple squad that keeps the bol.com platform safe and secure. We build and run security solutions for and across the entire bol.com landscape. That includes the âusual suspectsâ like customer and partner facing platforms, office solutions, and the cloud environment, but it also encompasses the logistical ecosystems that keep our fulfillment centers humming and the parcels on our conveyor belts cruising. You have two direct colleagues (who are big on white Stetsons) and six (for now!) âblue teamâ security engineers. In addition to hacking and engineering, (y)our team is responsible for security incident management: keeping track of bol.comâs overall security position (systems and data) and running various big security projects.
As an Ethical Hacker, you use your offensive prowess to âattackâ our platform, pen testing on request (e.g., for product teams) and on your own initiative. You base your actions on risk priority: high risk threats take precedence over low risk stuff. Other responsibilities include reviewing technical designs/ideas, âbreaking stuff on paper sessions,â vulnerability assessments of apps/systems/networks, and threat modeling to help product teams assess their own risks and those inherent in their solutions. Plus anything and everything else that needs doing, but nobody thought to mention. As for the atmosphere:
- Never a dull moment: there is always something new to pique your interest, and the security landscape is constantly changing.
- Passionate and driven: we love what we do. Many of us have turned our passion into our careers.
- Open minds that welcome new ideas; we want to hear your great ideas instead of telling you what to do and how to do it.
- Challenge yourself and others: challenge yourself and others in the team to come up with the best solution.
- No âholier-than-thouâ mentality: we think everybody is equal at bol.com, and we treat each other as such. Initiatives and ideas are equally appreciated from someone on their first day or in their tenth year at the company.
Why you can make a difference Because youâre an accomplished ethical hacker/penetration tester with a deep understanding of internet-facing web applications and cloud-native environments. You are as adept at quick assessments as you are conducting in-depth pen tests, and know when which approach works best. Previous experience in large engineering-driven environments where open source is often the tooling of choice is a must. After all, at bol.com we ideate and build most of our solution in-house (sure, we leverage existing libraries and frameworks), so that has to appeal to you as well. We also expect you to be âalways availableâ to our software engineers when they have questions. And to step up to the plate if a security alert breaks the silence. Linux, tomcat, java, and spring microservices all serve us well (in the cloud, we operate native infra on GCP, e.g., Kubernetes), so affinity with those would be a major asset.
3 reasons why this is (not) for you Switch to find out
- - You are the captain chaos of white hats You arenât exactly adept at organizing work in tools like jira
More jobs in Utrecht
Browse related jobs
Donât just read the job â see if youâll get it.
Get your match score, a resume tailored to this exact role, and jobs like it â free.
Check my fit for this job