Senior Ethical Hacker
Hack & slash your way to retail platform safety
How do you make our customers happy?
By wielding the sharpest digital swords in your arsenal and stealthily hacking away at anything and everything that stands between you and the prize: sneaky, backdoor entry. đ
Obviously, you do this without nefarious intent, you own an impressive collection of stylish hats, and theyâre all #FFFFFF and immediately share your methods and findings with the team so we can take the appropriate action and close any holes you berserked your way through. In short: you go on the offensive to make our platform safer for customers and partners
Get to know Engineering
This role is part of the Engineering Job Family. Explore this Job Family to learn more about the purpose, key accountabilities and competencies.
Explore Engineering
The biggest challenge
As an Ethical Hacker, you use your offensive prowess to âattackâ our platform, pen testing on request (e.g., for product teams) and on your own initiative. You base your actions on risk priority: high risk threats take precedence over low risk stuff. Other responsibilities include reviewing technical designs/ideas, âbreaking stuff on paper sessions,â vulnerability assessments of apps/systems/networks, and threat modeling to help product teams assess their own risks and those inherent in their solutions. Plus anything and everything else that needs doing, but nobody thought to mention.
What you will do as Senior Ethical Hacker
Youâll join the Security Operations team of hackers, defenders, and âif itâs fixable, consider it doneâ problem solvers. A team where âredâ and âblueâ specialists blend into a beautiful purple squad that keeps the bol.com platform safe and secure. We build and run security solutions for and across the entire bol.com landscape. That includes the âusual suspectsâ like customer and partner facing platforms, office solutions, and the cloud environment, but it also encompasses the logistical ecosystems that keep our fulfillment centers humming and the parcels on our conveyor belts cruising. You have two direct colleagues (who are big on white Stetsons) and six (for now!) âblue teamâ security engineers. In addition to hacking and engineering, (y)our team is responsible for security incident management: keeping track of bol.comâs overall security position (systems and data) and running various big security projects.
Why you can make a difference
Because youâre an accomplished ethical hacker/penetration tester with a deep understanding of internet-facing web applications and cloud-native environments. You are as adept at quick assessments as you are conducting in-depth pen tests, and know when which approach works best. Previous experience in large engineering-driven environments where open source is often the tooling of choice is a must. After all, at bol.com we ideate and build most of our solution in-house (sure, we leverage existing libraries and frameworks), so that has to appeal to you as well. We also expect you to be âalways availableâ to our software engineers when they have questions. And to step up to the plate if a security alert breaks the silence. Linux, tomcat, java, and spring microservices all serve us well (in the cloud, we operate native infra on GCP, e.g., Kubernetes), so affinity with those would be a major asset.
3 reasons why this is (not) for you
Switch to find out
Your resourcefulness is matched by your initiative
You donât wait for problems to solve; you find them
You are obsessed with details
You spot technical issues and threats that everyone else glosses over
You zoom in and out with gusto
You know whatâs important when, prioritize like a boss, and naturally zoom in on the biggest risks first
Where you'll be working
At one of the best-known online retail tech platforms in the Netherlands and Belgium. A platform where roughly 13 million customers can choose from ~38 million articles. A platform that helps about 49,000 commercial partners run their businesses. And a platform that will never be âfinishedâ because bol.com has been reinventing retail since 1999, and we always will be. If thereâs a better way to do something, weâre on it! Together with our customers, partners, and over 2,900 colleagues. We work in multidisciplinary teams and aim to enable and empower teams and individuals alike. Our guiding principles are âjob roles over job titles,â autonomy, trust, and ownership.
We take pride in our B Corp certification and strive for continuous improvement every day. Our annual bonus is tied to sustainability goals, and we are committed to equality and equal opportunities for all.
Perks of having a blue heart
29 days
to recharge
Travel costs
Public transport, car, parking & charging covered
Pension plan
75% premium covered
Annual bonus
Based on sustainability goals
