Cyber Offensive Security Engineer / Red Team Engineer (m/w/d)

The Schwarz IT supports the entire digital infrastructure and all software solutions of the companies of the Schwarz Group. It is therefore responsible for selecting, providing and operating as well as further developing IT infrastructures, IT platforms and business applications. In order to optimally support the departments through IT solutions in their business processes, the Schwarz IT takes up the requirements of the departments in consultations and works together with these professional and efficient IT solutions. You plan and execute Red Team and Purple Team deployments throughout the Black Group and enjoy many freedoms in implementing and selecting the targets You know current threats, vulnerabilities and exploits and can evaluate them in terms of their risk and impact You create vulnerabilities, for example in programs, configurations, processes or human behavior, and develop techniques for their use You plan and execute physical attacks ranging from lockpicking and concealed access to copying from rejects to social engineering Learn about Advanced Threat Actors, their tactics, techniques and procedures (TTPs) and can use them in their own attack scenarios You develop and operate your own tools, including own malware that can handle common security and surveillance systems You work closely with the Blue Team and support it in the continuous improvement of its protection mechanisms and processes You plan and run Tabletop-Exercises and Capture-The-Flag events

You have experience in cyber security and especially in Offensive Security (Pentesting, Red Teaming, Ethical Hacking) You have a quick understanding and understanding of new situations, tools and technologies and can quickly use it Your knowledge includes a wide range of attack methods and techniques, including post-exploritation and lateral movement You've already worked as a penetration tester, Red Team Operator or Security Researcher You know relevant attack tools and are familiar with network protocols and cloud security You have experience in the development of new attack techniques and the handling of typical security systems You master script and programming languages like Python, Powershell, Go, C#, C++ or Rust to develop your own tools You have the urge to find vulnerabilities and to go into exchange with colleagues to close them You are characterized by high analytical, communicative and creative abilities, you like to work independently, in the team and think like an attacker You are certified in the field of offensive security (OSCP, OSEP, OSED/E, CRTO, CRTE,..) You perform convincingly and safely and communicate in German and English JOBV1_EN