Senior Penetration Tester/Red Team Operator

Company NTT
Machelen, Belgium
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
Dutch, English, French
Experience level
Senior

Job location

Machelen, Belgium

Tech stack

Microsoft Active Directory
Amazon Web Services (AWS)
Software Applications
Software System Penetration Testing
Azure
Cloud Computing
Computer Security
Web Browsers
Open Source Technology
Phishing
Red Team (Cyber Security)
Google Cloud Platform
Office365
Information Technology
Purple Team (Cyber Security)

Job description

After an initial onboarding into NTT Data methodologies and client environments, you will be expected to:

Lead and execute technical engagements, including scoping, technical security testing, analysis, reporting, and client presentations, across:

  • Web, Mobile, and Desktop Applications Penetration Tests
  • IT Infrastructure and Network environments Penetration Tests
  • Active Directory and hybrid identity (AD / Entra ID) Penetration Tests
  • Cloud platforms (Azure, AWS, GCP, M365) Penetration Tests
  • Full-spectrum Red Team and Adversary Simulation operations

Design and deliver adversary simulation, including:

  • Developing realistic, intelligence-led attack scenarios grounded in actual threat actor TTPs
  • Crafting phishing and social engineering campaigns
  • Bypassing modern defensive controls (EDR/XDR, MFA) using low-noise techniques
  • Developing or adapting custom tooling for delivery, evasion, and C2
  • Supporting Purple Team exercises to directly improve client detection and response capabilities

Drive Research & Development, including:

  • Becoming a recognised expert in one or more domains of your choosing (Active Directory, cloud-native environments, web browsers, OT/ICS, containers, hardware, etc.)
  • Researching and responsibly disclosing previously undiscovered vulnerabilities (0-days)
  • Publishing research through blog posts, whitepapers, CVEs, or conference talks
  • Developing novel attack techniques applicable to real-world Red Team engagements

Contribute to the business and the team, including:

  • Supporting pre-sales by capturing client needs and translating them into commercial proposals
  • Mentoring and guiding junior consultants through projects and skill development
  • Maintaining a broad, up-to-date knowledge base across core information security domains
  • Communicating complex attacker behaviour clearly and accurately to both technical and non-technical stakeholders

Requirements

  • 4-5 years of proven experience in Penetration Testing/Red Team Operations.
  • Proven experience leading or delivering Red Team and/or adversary simulation engagements in complex enterprise environments
  • Deep understanding of Active Directory, hybrid identity, and cloud attack surfaces
  • Hands-on experience developing or adapting TTPs beyond what standard frameworks provide out of the box
  • Demonstrated ability to research abuse paths, misconfigurations, or novel vulnerabilities
  • Strong written and verbal communication skills, this means you can write a compelling attack narrative and present findings to a CISO without losing either audience (technical or non-technical)
  • Comfortable acting as a trusted technical advisor to clients and stakeholders
  • Strong teamwork abilities
  • Native proficiency in French or Dutch, with excellent verbal and written knowledge of English

Nice to have:

  • Experience emulating specific real-world threat actors (APT groups, ransomware operators)
  • Hands-on vulnerability research or PoC development leading to CVEs or public disclosure
  • Contributions to open-source tooling, public research, or conference presentations (DEF CON, Black Hat, BruCon, ...)
  • Familiarity with regulated-sector testing frameworks (TIBER-EU, DORA, CBEST, GBEST)
  • Relevant certifications (CRTO, CRTE, OSED, OSEP, CCRTS or equivalent), very valued but not a prerequisite

Who You Are:

  • Naturally curious, you read threat intel reports for fun and follow OffSec research because you want to
  • Motivated by real-world impact, not engagement count
  • Comfortable with ambiguity and complex environments
  • A low-ego collaborator who challenges ideas constructively
  • Committed to continuous learning and raising the bar for those around you
  • Flexible and you have a willingness to travel for limited periods if required
  • In possession of a valid driving license (category B) is required
  • You are eligible and prepared to obtain NATO security clearance

Benefits & conditions

  • Contract of unlimited duration
  • Annual bonus
  • Lunch vouchers
  • Forfaitary compensation for professional costs
  • Company car or Mobility budget
  • Hospitalisation insurance and ambulant care at premium level
  • Group and disability insurance
  • Possibility to order a lease bike
  • 31 days of holiday plus seniority days
  • Data and voice subscription + contribution for a smartphone device
  • Contribution for internet at home
  • Contribution for IT equipment
  • Private use of your NTT laptop

About the company

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive. As our Technology Consulting Services department continues to expand, we are seeking a Senior Penetration Tester/Red Team Operator to join our team. This is a hybrid role (PT/RT) for someone who thinks like an adversary, learns and follows real-world threat actors, and cares about the quality and relevance of every engagement they touch. You will lead and execute technical security assessments across a broad range of environments and dedicate a meaningful portion of your time to Research & Development (R&D) , developing new tooling, novel attack techniques, and advancing your own areas of deep expertise. This is not a checkbox testing role. Our clients engage us because they want to understand how a real attacker would operate against them. Your job is to make that simulation credible, contextual, and genuinely useful to defenders., About NTT DATA NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 70 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each

Apply for this position