Red Team Operator

Our mission is clear: to enable businesses to operate securely. With over 275 dedicated specialists, Northwave works daily on innovative cybersecurity solutions that truly help organizations move forward. We operate from our headquarters in Utrecht and offices in Germany, Sweden, and Belgium.
Northwave brings together ethical hacking, behavioral psychology, and top-level security management. We respond to threats—and anticipate them—through 24/7 managed security services and tailored specialist solutions.
Joining Northwave means stepping into an environment where innovation and results go hand in hand. Whether you excel in technical testing or strategic client communication, you’ll have the freedom to help shape the future of digital security and make a real impact.

Northwave’s Red Team lives for hacking. Our team consists of 20+ hackers from all over the world, with diverse backgrounds and expertise. We focus solely on challenging pentests and realistic red teaming operations that enhance the digital resilience of organizations across Europe.
We collaborate with our Blue Team, Threat Intelligence, Reverse Engineering, and CERT to create realistic, high-value attack scenarios. In addition to our mature services, we are a highly regarded TIBER and ART provider, making our work consistently exciting and cutting-edge.

As a Red Team Operator, you design and execute attack scenarios that genuinely help clients improve. You train Blue Teams during Purple Teaming sessions and confidently present your findings—whether to technical teams or executive leadership.
Your toolkit includes OSINT, custom tooling, malware development, social engineering, privilege escalation, and command & control techniques. You’ll work independently and as part of a team on offensive operations and contribute to the ongoing development of our TTPs.
You’ll also have opportunities to share your knowledge—both within the team and at conferences, workshops, and events.

Everything starts with an intake session: what are the crown jewels? Together with the client, we develop realistic attack scenarios and formalize agreements in a Rules of Engagement document. We then jump straight into action using techniques such as OSINT, custom malware development, spear phishing, and vulnerability exploitation.

• A salary aligned with the challenges of red teaming and your experience

• Lease car or travel reimbursement

• MacBook and iPhone

• 25 vacation days

• A solid pension plan

• The possibility to work hybrid

• Complex and challenging red team projects for major clients

• A people-focused working environment

• Training budget for OSCP, OSEP, CRTO, or equivalent certifications

• Access to leading (international) cybersecurity conferences

• A workplace with more than 275 passionate colleagues

• Fun events and plenty of room for your own initiatives

Must-haves

• At least 3 years of experience in red teaming and/or infrastructure penetration testing

• Proven experience with Active Directory attacks (LDAP enumeration, ACL abuse, Kerberoasting, etc.)

• Hands-on knowledge of C2 platforms such as Cobalt Strike, Mythic, Sliver, or Outflank Security Tooling

• Strong consultancy skills: you listen, ask the right questions, and can present and report clearly

• Capable of running operations independently and working effectively in a team

Nice-to-haves

• Experience with adversary simulation

• Familiarity with TIBER or ART engagements is a strong plus, but not required

• Cloud knowledge, especially of Azure or AWS

• A technical background at bachelor's or master's level, or equivalent through experience

Finally
If you're available to start soon, we're excited to welcome you on board quickly—and of course, that comes with appropriate recognition.
Not sure if your profile matches the role perfectly, but still feel excited about it? Don’t hesitate to reach out. We’d love to explore together whether there’s a match.

What is important to you in your next step? We are happy to start a conversation. Apply directly or contact our recruiter Bastiaan first.

bastiaan.rolloos@northwave-cybersecurity.com

+31 6 45 880 490