AI Summary
We're looking for a Pentester in SecOps to identify vulnerabilities, strengthen defenses, and improve our security culture. You'll conduct pentests, run red teaming exercises, and manage our vulnerability programs. You'll also empower development teams to adopt secure coding practices.
Key Highlights
Conduct pentests across web, mobile, network, and cloud systems
Manage Vulnerability Disclosure Program and remediation workflows
Collaborate with development teams to integrate security best practices
Leverage MCPs and LLMs to enhance pentesting efficiency and automation
Benefits & Perks
Competitive compensation
Pension plan
25 vacation days per year
Free professional weekly language courses
Freshly prepared, healthy lunches and snacks
Relocation benefits for expats
Job Description
In a nutshell
At Picnic, we're building the most secure milkman on earth, and we need someone to help us verify that reality. As the Pentester in our SecOps team, you’ll combine offensive and defensive security skills to identify vulnerabilities, strengthen defenses, and improve our security culture. You’ll conduct pentests across web, mobile, network, and cloud systems, run red teaming exercises, and manage our vulnerability programs. You’ll also empower development teams to adopt secure coding practices while enhancing our pentesting workflows with MCPs and LLMs.
Tricks of the trade
- Ownership: Take charge of the pentesting process, from planning to execution and reporting, ensuring comprehensive coverage across all Picnic services while encouraging continuous improvement.
- Management: Own the Vulnerability Disclosure Program, manage remediation workflows, and define KPIs to track coverage and effectiveness.
- Collaboration: Work closely with development teams to integrate security best practices into the software development lifecycle.
- Innovation: Leverage MCPs and LLMs to enhance pentesting efficiency and automation, and build customized and scalable solutions for Picnic.
- Training: Conduct application security workshops to raise awareness and promote secure coding practices among developers.
- Our tech: AWS, Google Workspace, Keycloak, Docker, Kubernetes (EKS), Helm, Terraform, Python, SAML, OAuth, OpenID, JWT (JSON Web Tokens), 802.1x, Atlassian (Jira, Confluence), IoT, Web & Mobile Apps, APIs.
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Security, or a related field (or equivalent practical experience).
- At least 4 years of relevant experience in pentesting web, mobile, network and cloud environments.
- Strong communication skills to report findings clearly and train development teams.
- Curious and pragmatic: you keep things simple without losing quality, and bring structure and organisation to the unknowns.
- A certificate of conduct (Verklaring Omtrent het Gedrag, VOG) would be requested during the process.
✍🏼 Every expert was once a beginner!
You’ll get plenty of opportunities to challenge yourself and grow, including the Picnic Tech Academy, Lunch & Learn sessions, and tailored soft skills training. We also offer free professional weekly language courses.
💡 Make a difference
You’ll work in an awesome startup environment with the freedom to drive your own projects and create a visible impact. Our fully electric vehicles and sustainable business model mean you’ll also be contributing to making the world a better place!
🫱🏼🫲🏾 Teamwork makes the dream work
With more than 80 nationalities across 3 countries, you’ll be part of a diverse company with plenty of cool stuff to get involved with, from board game evenings to after-work drinks to our company ski trip and more!
🍎 You Are What You Eat
You’ll get freshly prepared, healthy lunches and snacks (with plenty of vegetarian, vegan, and halal options). Coffee snob? Don’t worry, our amazing Picnic barista has you covered.
🚴🏽 Stay healthy
Mental health is important. As well as having the option to speak with Picnic colleagues who act as confidential advisors, our collaboration with OpenUp gives you easy access to professional psychologists, along with workshops and materials. There are plenty of sports communities and events to get involved with, from tennis to yoga, to climbing!
🔋 Attractive package
We offer competitive compensation and a pension plan that looks out for your future self, as well as 25 vacation days per year, so you can recharge your batteries.
🌍 Benefits For Expats
It can be daunting starting a new job AND moving to a new country. That’s why we offer lots of support for our many expat colleagues. If you want to find our relocation benefits, see here.