Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
As our Technology Consulting Services department continues to expand, we are seeking a Senior Penetration Tester/Red Team Operator to join our team.
This is a hybrid role (PT/RT) for someone who thinks like an adversary, learns and follows real-world threat actors, and cares about the quality and relevance of every engagement they touch.
You will lead and execute technical security assessments across a broad range of environments and dedicate a meaningful portion of your time to Research Development (RD), developing new tooling, novel attack techniques, and advancing your own areas of deep expertise.
This is not a checkbox testing role. Our clients engage us because they want to understand how a real attacker would operate against them. Your job is to make that simulation credible, contextual, and genuinely useful to defenders.
Job Description
After an initial onboarding into NTT Data methodologies and client environments, you will be expected to:
Lead and execute technical engagements, including scoping, technical security testing, analysis, reporting, and client presentations, across:
- Web, Mobile, and Desktop Applications Penetration Tests
- IT Infrastructure and Network environments Penetration Tests
- Active Directory and hybrid identity (AD / Entra ID) Penetration Tests
- Cloud platforms (Azure, AWS, GCP, M365) Penetration Tests
- Full-spectrum Red Team and Adversary Simulation operations
Design and deliver adversary simulation, including:
- Developing realistic, intelligence-led attack scenarios grounded in actual threat actor TTPs
- Crafting phishing and social engineering campaigns
- Bypassing modern defensive controls (EDR/XDR, MFA) using low-noise techniques
- Developing or adapting custom tooling for delivery, evasion, and C2
- Supporting Purple Team exercises to directly improve client detection and response capabilities
Drive Research Development, including:
- Becoming a recognised expert in one or more domains of your choosing (Active Directory, cloud-native environments, web browsers, OT/ICS, containers, hardware, etc.)
- Researching and responsibly disclosing previously undiscovered vulnerabilities (0-days)
- Publishing research through blog posts, whitepapers, CVEs, or conference talks
- Developing novel attack techniques applicable to real-world Red Team engagements
Contribute to the business and the team, including:
- Supporting pre-sales by capturing client needs and translating them into commercial proposals
- Mentoring and guiding junior consultants through projects and skill development
- Maintaining a broad, up-to-date knowledge base across core information security domains
- Communicating complex attacker behaviour clearly and accurately to both technical and non-technical stakeholders
Here’s what we are looking for in candidates
Must have:
- 4-5 years of proven experience in Penetration Testing/Red Team Operations.
- Proven experience leading or delivering Red Team and/or adversary simulation engagements in complex enterprise environments
- Deep understanding of Active Directory, hybrid identity, and cloud attack surfaces
- Hands-on experience developing or adapting TTPs beyond what standard frameworks provide out of the box
- Demonstrated ability to research abuse paths, misconfigurations, or novel vulnerabilities
- Strong written and verbal communication skills, this means you can write a compelling attack narrative and present findings to a CISO without losing either audience (technical or non-technical)
- Comfortable acting as a trusted technical advisor to clients and stakeholders
- Strong teamwork abilities
- Native proficiency in French or Dutch, with excellent verbal and written knowledge of English
Nice to have:
- Experience emulating specific real-world threat actors (APT groups, ransomware operators)
- Hands-on vulnerability research or PoC development leading to CVEs or public disclosure
- Contributions to open-source tooling, public research, or conference presentations (DEF CON, Black Hat, BruCon, ...)
- Familiarity with regulated-sector testing frameworks (TIBER-EU, DORA, CBEST, GBEST)
- Relevant certifications (CRTO, CRTE, OSED, OSEP, CCRTS or equivalent), very valued but not a prerequisite
Who You Are:
- Naturally curious, you read threat intel reports for fun and follow OffSec research because you want to
- Motivated by real-world impact, not engagement count
- Comfortable with ambiguity and complex environments
- A low-ego collaborator who challenges ideas constructively
- Committed to continuous learning and raising the bar for those around you
- Flexible and you have a willingness to travel for limited periods if required
- In possession of a valid driving license (category B) is required
- You are eligible and prepared to obtain NATO security clearance
What we offer
•
Contract of unlimited duration
•
Annual bonus
•
Lunch vouchers
•
Forfaitary compensation for professional costs
•
Company car or Mobility budget
•
Hospitalisation insurance and ambulant care at premium level
•
Group and disability insurance
•
Possibility to order a lease bike
•
31 days of holiday plus seniority days
•
Data and voice subscription contribution for a smartphone device
•
Contribution for internet at home
•
Contribution for IT equipment
•
Private use of your NTT laptop
Workplace type: Hybrid Working
About NTT DATA
NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in RD.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Third parties fraudulently posing as NTT DATA recruiters
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an nttdata.com email address. If you suspect any fraudulent activity, please contact us.
