At ABB, we help industries outrun - leaner and cleaner. Here, progress is an expectation - for you, your team, and the world. As a global market leader, we’ll give you what you need to make it happen. It won’t always be easy, growing takes grit. But at ABB, you’ll never run alone. Run what runs the world.

This Position reports to:

Business Title IS Service Owner for Application Security

 

Junior Offensive Security Red Teamer

In this role, you will have the opportunity to successfully develop and implement security measures for ABB in your area of responsibility. Each day, you will protect ABB from rapidly escalating threats. You will also showcase your expertise by staying vigilant in combating security threats, taking charge of the organization's cybersecurity, and keeping track of existing security infrastructure to ensure systems that protect vital information are secured.

You will be mainly accountable for:

Conduct daily security assessments using methodologies and frameworks such as the MITRE ATT&CK Framework, OWASP Testing Methodology, or OSTMM3.Identify vulnerabilities, filter out false positives, and report confirmed findings along with best practices for remediation.Create detailed technical reports documenting actions taken to discover and confirm vulnerabilities.Retest vulnerabilities marked as fixed, attempting to circumvent and bypass implemented protections.Provide support during the vulnerability remediation process by explaining findings and necessary actions to fix the vulnerability.Implement and run offensive security tools, creating scripts to automate vulnerability identification efforts whenever possible.Collaborate with security teams (Blue Team) to coordinate efforts in identifying attacks exploited during vulnerability assessments.

The work model for the role is: HYBRID

This role is contributing to the CFC/TRM/IS Offensive Securit in Poland. Main stakeholders are ABB CSIRT (Computer Security Incident Response Team), ABB D&R (Detect and Response), ABB Threat Hunting, ABB Threat Intel, ABB FLCM (Finding Lifecycle Management), Server Owners and Application Owners.

More about us:

You will be a member of TRM (Technical Risk Management) - Offensive Security.  The Offensive Security is part of ABB  CFC (Cyber Fusion Center).

A Cyber Fusion Center, is a team of information security professionals that protects the organization by monitoring, detecting, analyzing, and investigating cyber threats. Networks, servers, computers, endpoint devices, operating systems, applications and databases are continuously examined for signs of a cyber security incident. The SOC team analyzes feeds, establishes rules, identifies exceptions, enhances responses and keeps a look out for new threats within Global cyber space and makes sure ABB is ready to detect and mitigate those threats should they attack ABB IS infrastructure.

As member of CFC – TRM Offensive Security, your objective is to simulate real-world adversarial attacks to assess and strengthen an organization's defense mechanisms, including people, processes, and technology. This helps identify vulnerabilities, test incident response capabilities, and improve overall security posture.

Qualifications for the role

You have 2 years of experience in Offensive Security.A degree in a cybersecurity-related field.Practical experience with Linux and Windows operating systems, as well as network protocols like TCP/IP, UDP, FTP, SMB, SSH, HTTP, ICMP, NTP, etc.Basic knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and their security features.Knowledge of security frameworks (e.g., OWASP, NIST, IEC 62443, ISO 27001).Experience with offensive security operating systems like Kali Linux or Parrot Linux, and common tools such as NMAP, Metasploit Framework, CrackMapExec, NetExec, SQLMAP, BurpSuite, Nuclei, SMBMAP, SMBCLIENT, Impacket, BloodHound, Wireshark, etc.Thorough understanding of application security principles, including network security, encryption, access management, and their best practices.Proficient knowledge of application security principles related to network security, application security, secure coding, and cloud security, along with best practices in these areas.Understanding of programming logic and ability to create basic scripts in languages such as Shell Script, Python, GoLang, etc.Offensive security certifications such as CEH, OSCP, PJPT, PJWT, CompTIA PenTest+, EJPT, or experience with platforms like Hack The Box and TryHackMe. Proactive learning in these environments is also acceptable in lieu of certifications.

We value people from different backgrounds. Could this be your story? Apply today or visit www.abb.com to read more about us and learn about the impact of our solutions across the globe.