Offensive Security Specialist

Capgemini

  • Diegem, Vlaams Brabant
  • Vast
  • Voltijds
  • 1 maand geleden
About The Role :As a Cybersecurity Offensive Specialist at Capgemini, you'll play a critical role in strengthening our clients' security posture by proactively uncovering and exploiting weaknesses in their systems. You'll join a collaborative team of offensive and defensive experts-sharing insights with incident responders, purple teams, and architects-to drive continuous improvement across people, processes, and technology.Responsibilities :
  • Proactive Security Assessments
  • Identify, analyze and prioritize vulnerabilities, misconfigurations, and design gaps in networks, applications, and infrastructure.
  • Drive “security by design” improvements through clear, actionable recommendations.
  • Collaboration & Knowledge Sharing
  • Work closely with incident response, SOC, and purple-team colleagues to translate offensive findings into enhanced detection and remediation strategies.
  • Present technical findings and remediation roadmaps to both technical teams and executive stakeholders.
Key Activities * Vulnerability Assessment Specialist
  • Configure and run automated scans (e.g. Nessus, Tenable.io) against target environments.
  • Manually validate scan results, triage false positives, and assess business impact.
  • Produce detailed assessment reports and present findings to clients.
  • Contribute to purple-team exercises to validate detection and prevention controls.
  • Penetration Testing Specialist
  • Plan and execute scoped pentests-both manual and tool-driven (e.g. Burp Suite, Metasploit, Cobalt Strike).
  • Exploit identified weaknesses to validate risk, then propose realistic remediation steps.
  • Evaluate the maturity of existing security controls and vulnerability management processes.
  • Deliver comprehensive engagement reports and debrief sessions with client teams.
  • Red Teaming Specialist
  • Design and run multi-phased red-team exercises emulating advanced persistent threat tactics, techniques, and procedures.
  • Employ stealthy evasion and privilege-escalation methods to demonstrate worst-case impact.
  • Evaluate and challenge blue-team detection, response playbooks, and incident handling capabilities.
  • Lead post-exercise “lessons learned” workshops and help harden defenses.
Required Skills and Experience :
  • Core Expertise
  • 3+ years hands-on experience in one or more offensive disciplines.
  • Proven ability to translate technical findings into business-oriented risk narratives.
  • Excellent written and verbal communication skills.
  • Vulnerability Assessment
  • Mastery of vulnerability scanning platforms (e.g. Nessus, Rapid7, Qualys).
  • Penetration Testing
  • Deep familiarity with web, network, and API pentesting toolchains (Burp Suite, Cobalt Strike, Metasploit).
  • Red Teaming
  • Advanced skills in adversary emulation, covert C2, stealthy payload delivery, and lateral movement.
Additional Skills :
  • Industry certifications such as OSCP, OSCE, CRTO, or GXPN.
  • Scripting proficiency (Python, PowerShell, Bash) for automation and custom tooling.
  • Experience testing cloud and container environments (AWS, Azure, GCP, Kubernetes).
  • Prior work in regulated sectors (finance, healthcare, government)
Ref. code: 297034Posted on: Jul 23, 2025Experience Level: Experienced ProfessionalsContract Type: PermanentLocation:Diegem, BEBrand: CapgeminiProfessional Community: Cybersecurity

Capgemini