As a Senior Offensive Security Advisor, you contribute to identifying, analyzing, and remediating threats targeting the organization’s exposed systems. You conduct advanced penetration tests, code reviews, threat modeling, and various offensive security activities. Your role goes beyond simply producing reports: you collaborate actively with security and infrastructure teams to understand the root causes of vulnerabilities, recommend practical solutions, and assist in their implementation.
You will have access to a diverse scope, cutting‑edge offensive tools, and the opportunity for continuous testing to strengthen the organization’s overall cybersecurity posture. More specifically, you will be required to:
Plan and execute offensive assessments: penetration tests, threat modeling, and targeted technical analyses.
Detect, analyze, and prioritize vulnerabilities, then support teams in applying concrete fixes.
Collaborate closely with IT and security teams to understand root causes and deploy prevention and detection mechanisms.
Produce clear, actionable reports including observations, technical evidence, and prioritized recommendations.
Explore, map, and maintain visibility over exposed assets while continuously monitoring the external perimeter.
Explain threats, present risks, and lead technical workshops to support decision‑making.
Design and improve innovative offensive methods, tools, and approaches.
Manage your mandates autonomously, including planning, prioritization, and coordination with stakeholders.
What we offer*
Competitive salary and annual bonus
4 weeks of flexible vacation starting in the first year
Defined benefit pension plan that provides predictable, stable income throughout retirement
Group insurance including telemedicine
Reimbursement of health and wellness expenses and telework equipment
#LI-Hybrid
What you bring to the table
Bachelor’s degree in IT or a related field
A minimum of six years of relevant experience in information security, including three years in penetration testing (pentesting or Red Team)
Please note that other combinations of qualifications and relevant experience may be considered
Experience in threat modeling (STRIDE, OWASP) and visual flow representation
Experience in manually identifying vulnerabilities and participating in bug bounty initiatives
Advanced proficiency in French, both spoken and written
Proficiency in source code and configuration analysis
Deep knowledge of application and infrastructure exploitation concepts, as well as defense mechanisms (MITRE ATT&CK)
Strong understanding of networks, identities, cloud, encryption, and application deployment
Knowledge of standard methodologies (e.g., NIST 800‑115)
Trade Union (If applicable)
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: