At a glance

As an Offensive Security Expert for Threat Intelligence Based Security Assessments (TIBSA) you are responsible for testing the cyber resilience of the organisation. Together with the team, you will work on testing the security posture of the organisation to find weaknesses in existing security controls, procedures and processes, as well as gaps in detection and response.

Your job

As an Offensive Security Expert – TIBSA, your core responsibility is to initiate, plan, and execute Threat Intelligence-Based Security Assessments (TIBSA). These assessments go beyond traditional technical testing; they encompass a thorough evaluation of policies, procedures, and process frameworks related to the assets under review. You will play a pivotal role in ensuring the organization's security posture aligns with evolving threats by assessing both the design and implementation of security controls to validate their effectiveness.

Additionally, you will actively contribute to a wide range of offensive security testing activities, including but not limited to red teaming, attack simulations, threat actor emulations, and researching emerging attack techniques. You will also be instrumental in enhancing ABN AMRO's automated attack platform, ensuring it remains robust and adaptive to the latest threats. Your expertise will provide actionable insights that help refine both the design and implementation of security measures, ensuring they can withstand sophisticated adversarial tactics.

Your knowledge and experience will contribute to improving the overall security posture of the bank by testing the ABN AMRO systems, applications and processes and by looking at the ABN AMRO landscape using an offensive and a risk assessor's mindset.

You will be responsible for testing the bank’s assets in their respective environment, from a technical as well as from a process and procedural perspective. Within and outside of engagements you identify gaps, report them and advise about ways to fix them. As an offensive security expert, you stay well informed on the latest developments, and you actively share this knowledge with your colleagues and the community. You signal improvements related to the way of working and you contribute to improving the maturity of the offensive security capability in general and the TIBSA capability, specifically.

Working environment

You will be part of the Global Cyber Intelligence Center within the Corporate Information Security Office (CISO) of ABN AMRO in the Netherlands. You will work together with a team that consists of motivated and passionate cybersecurity experts, penetration testers and cyber threat analysts with specialisations such as open-source & human intelligence, malware analysis, (threat intelligence based-) security assessments and detection engineering.
Inside the team we work together in an informal way, and we provide a lot of variety and opportunities to keep developing yourself. ABN AMRO is moving to an agile way of working where speed, productivity, agility and innovative power come first. For you as an Offensive Security Expert, this means an interactive and inspiring way of working together across the team and with different departments of the bank.

Your profile

Required skills:

• You have approximately 3 - 5 years of relevant work experience in the offensive or security domain.
• You have experience with simulating adversarial techniques, tactics, and procedures, including the ability to classify and analyse them using the MITRE ATT&CK framework.
• You have experience performing security and/or risk assessments.
• Assess the design effectiveness of security controls by reviewing architecture diagrams, policies, and procedures against plausible threat scenarios.
• Identify security gaps by analysing how security governance, processes and technology would perform against simulated TTPs.
• Provide an independent validation of findings from technical simulations, focusing on root cause analysis from a policy, process, or architectural standpoint.
• You take ownership of your own delivery and have a proactive attitude.
• You are pragmatic and analytical and have good communication (fluent in English - verbal and in writing) and social skills.
• You have in depth experience with complex Windows, Mac, Linux environments and complex IT architecture.

Nice-to-have skills:

• You actively contribute to open-source projects or are engaged with the offensive security community.
• Affinity with or relevant work experience in the threat intelligence domain.
• You possess a number of relevant certifications like CRISC, CISA, CISSP, OSCP, OSEP, CRTO, CRTP, etc.
• You are energetic and like to work in an Agile environment.
• You are always curious, and willing to learn and experiment.
• Possess strong soft skills and stakeholder management abilities.
• Willing to contribute to the improvement and maturation of a newly established process.

We are offering

… a challenging job that puts you in charge of your own success. We will stimulate every opportunity to work on personal development, and will actively support you in keeping up to date with the latest (technical) developments. This includes following training or attending (or speaking at) international security conferences.
Our office in Amstelveen is your home office, but you are also welcome to work from one of our other offices. We are open for a flexible and hybrid work environment, aligned with the team.

We offer:

• The freedom to optimize your performance in a flexible working environment.
• Tools to stay fit and update your knowledge, with space provided for you to practice and grow your skills.
• An additional benefit budget of 11%, with which you can buy flexible terms of employment.
• A personal development budget of € 1.000 per year.
• 25 vacation days based on 40 hours (with the possibility to buy more vacation days).
• a solid pension plan that will set you up for the future.
• A flexible mobility package.
• An excellent pension scheme.
• Classification is based on your experience and skills, the position is opened in Hay 10.

Interested?

Does this sound like something you’d be interested in? Send us your application as soon as possible.

To find out more please contact Jaap van Oss (Expert Lead Global Cyber Intelligence Center) at jaap.van.oss@nl.abnamro.com.

We look forward to meeting you!

Your Future: Inclusive, Innovative, Sustainable

At ABN AMRO, we believe in "Banking for better, for generations to come." Equal opportunities for everyone are a crucial foundation, as we strive for an inclusive culture where all employees feel seen, heard, and valued. Our vision of being a personal bank in the digital age aligns perfectly with the demand for surprising insights and innovative solutions, born from a diverse interplay of cultures and experiences. We focus on customer experience, sustainability, and building a future-proof bank, conducting annual reviews to ensure equal pay for equal work. Join a bank that embraces ingenuity and ambition, and make an impact with us for a better future.

If you want to apply for the B-Able or Reboot program, make sure to mention it both in the title and the content of your resume.

Disclaimer external recruitment agencies

External recruitment agencies need to have a signed agreement with ABN AMRO BANK N.V., executed by a Talent Acquisition Specialist, when submitting a resume to a vacancy. No unsolicited services or offers, please.