Cyber Security Specialists & Engineers (Mid to Senior)

We are currently seeking several Cyber Security Specialists, Engineers, Risk Officers, and Testers with 5+ years of experience to join our consulting teams. Due to the rapid expansion of critical security initiatives, we have multiple open positions based either in Brussels (Belgium) or in The Hague region (Netherlands) .

You will be integrated into highly secure environments to support prestigious international defense organizations and European institutions . These roles cover a broad spectrum of the security lifecycle, including Security Accreditation, Risk Assessment, Technical Auditing, Penetration Testing, and Security Operations ., * Plan, scope, and execute advanced penetration testing and ethical hacking activities across complex enterprise networks, web applications, thick clients, and cloud infrastructures.

• Conduct red-teaming exercises and simulate real-world cyberattacks using standard frameworks (e.g., MITRE ATT&CK) to identify exploitable vulnerabilities and pathways.
• Manually exploit flaws safely within production or staging environments, bypassing defensive controls while maintaining system availability and operational integrity.
• Deliver clear post-exploitation briefings and document technical remediation guidelines to assist engineering teams in patching vulnerabilities.

2. Cyber Security Assessor (Vulnerability Assessment & Auditing)

• Plan and execute technical, on-site security audits across networks, systems, and hybrid/cloud infrastructures.
• Conduct configuration vulnerability scans utilizing enterprise tools (specifically Tenable Nessus including custom audit files) and audit Active Directory/Entra ID architectures.
• Benchmark systems against international security controls (e.g., Zero Trust Architecture , Data-Centric Security, CIS Benchmarks, NIST).
• Assess risks regarding emerging advanced technologies, including Large Language Models (LLMs) and containerized automation platforms (Ansible).

3. Security Accreditation & Engineering

• Act as the security guidance lead across the full system lifecycle for major communication and information system (CIS) projects.
• Develop, manage, and update vital accreditation artifacts, including Security Accreditation Plans, Security Requirements Statements, Security Operating Procedures (SecOPs), and Security Test & Verification Plans (STVP) .
• Witness security testing, identify technical vulnerabilities, and coordinate remediation plans with internal engineering teams and external Security Accreditation Authorities (SAA).

4. Cyber Security Risk Assessment & Coordination

• Identify asset scope and lead risk management teams covering physical, personnel, informational, and industrial security.
• Formulate comprehensive Security Risk Management (SRM) and Security Risk Assessment (SRA) reports using structured risk assessment methodologies and tools (e.g., PILAR ).
• Define and track security metrics, including Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs), to establish ongoing risk mitigation strategies.

5. Cyber Security Operations & Service Delivery

• Support day-to-day delivery, compliance, and performance tracking of Endpoint Security services (e.g., Trellix) and Gateway Security services (firewalls, web proxies, email gateways) against security baselines.
• Coordinate incident tracking, problem management (Root Cause Analysis), change management, and service requests across multidisciplinary technical teams.
• Monitor Service Level Agreements (SLAs) and prepare operational security posture dashboards for senior stakeholders following ITIL principles.

• Experience: Minimum of 5 years of proven experience in Cyber Security Engineering, Penetration Testing, Risk Management, or Auditing within highly complex IT environments.
• Technical Skills Matrix (Role Dependent):
• For Pen Testers: Mastery of Kali Linux, Metasploit, Burp Suite, Cobalt Strike, Wireshark, and custom exploitation tools.
• Strong scripting skills ( PowerShell, Python, or Bash ) to automate repeatable security workflows or build custom scripts.
• Deep understanding of secure enterprise networking, identity frameworks (Azure AD, OIDC, IAM), and endpoint protection technologies.
• Soft Skills: Exceptional technical writing, briefing, and presentation skills-comfortable communicating complex technical risks or exploit pathways clearly to non-technical executive stakeholders.
• Languages: Fluent English

Preferred Certifications & Background (Nice to Have)

• Penetration Testing: OSCP, OSCE, CEH Master, GPEN, or GXPN.
• Cyber Security & Risk: CISSP, CISA, CISM, or GIAC.
• Service Frameworks: ITIL, TOGAF, or ArchiMate.
• Industry Experience: Prior experience working within military, national government, or international governmental organizations is a major asset and will highly accelerate your security onboarding.

• Location: Multiple positions available in Brussels (Belgium) OR The Hague (Netherlands).
• Work Regime: Full-time (40h/week).
• Remote Policy: Mainly on-site (minimum 3 days per week) due to the high classification of systems and strict on-site operational protocols.
• Eligibility & Clearance Note: Strictly restricted to Portuguese citizens holding an EU passport. The selected candidates must undergo a mandatory national security clearance process. For administrative and compliance reasons, this specific clearance process can only be requested and sponsored through our local UDDAN office in Portugal for Portuguese nationals .

Founded in 2015, UDDAN is a dynamic IT consulting company specializing in digital transformation. We leverage low-code technologies to streamline web and mobile processes for our clients. Driven by the challenge of helping our customers deliver superior products and services, we operate from strategic hubs in Belgium, the Netherlands, Sweden, and Portugal.