As a Senior OT Penetration Tester at Bureau Veritas Cybersecurity, you don’t just test standard IT environments, you assess systems that control real-world processes. From energy grids to industrial production lines, your work focuses on identifying vulnerabilities in complex ICS/SCADA environments before they impact operations, safety, or continuity.
You operate at the core of critical infrastructure, working in environments where digital systems directly interact with physical processes. You will conduct penetration tests and security assessments across a wide range of OT landscapes. This includes industrial and manufacturing environments, where you evaluate production lines, PLCs, SCADA systems, and robotics. You will also work within the energy and utilities sector, testing systems that underpin electricity grids and water treatment facilities; environments where resilience and uptime are critical.
In addition, you assess transport and logistics systems that control rail, ports, and supply chains, including signaling and connected IoT solutions. You will be involved in oil, gas, and chemical industries, analyzing highly complex and safety-critical control systems, as well as smart buildings and modern infrastructure where you test building management systems, access control, and interconnected technologies used in offices, hospitals, and data centers.
We go beyond checklist-driven testing. You simulate realistic attack scenarios, move across IT/OT boundaries, and uncover weaknesses in industrial environments. If you understand how OT differs from IT, and how to test it responsibly and effectively, we would like to get in touch with you.
While your core focus is OT, you will also assess IT components where they are part of the attack surface. At the end of the day, your work directly improves the resilience of industrial environments by identifying real-world weaknesses before they can be exploited.
What you will do
-
Execute advanced penetration tests in OT environments (ICS, SCADA, PLC), focusing on realistic attack paths
-
Identify and exploit vulnerabilities across IT/OT boundaries, including remote access and segmentation weaknesses
-
Simulate real-world attacker scenarios such as ransomware and lateral movement into production environments
-
Perform deep technical assessments of industrial protocols and devices
-
Lead technically complex engagements and menertor other team membs
What you bring
-
Proven experience in OT and/or IT penetration testing within industrial environments
-
Strong understanding of ICS systems (PLC, SCADA, DCS) and industrial networks
-
Solid networking knowledge and experience with Active Directory in converged IT/OT environments
-
Experience with offensive tooling and the ability to go beyond standard tools when needed
-
Ability to translate technical findings into real-world impact on operations and safety
-
Strong communication skills in English; Dutch is a plus
What you can expect with us
At Bureau Veritas Cybersecurity, you will work in an environment that truly understands OT security. We give you the space to apply your expertise in complex, real-world environments where depth, realism, and technical quality matter more than ticking boxes. You won’t be limited to standard methodologies. Instead, you will have the freedom to think like an attacker and approach each assessment in a way that reflects how threats materialize in OT.
We actively invest in your development as an OT specialist. Whether it’s deepening your knowledge of industrial protocols, advancing your red teaming capabilities, or growing into a technical lead role, you will be supported with training, certifications, and hands-on experience in some of the most challenging environments. You will work alongside highly skilled colleagues who share your passion for offensive security and enjoy diving deep into complex systems.
Your projects will take you into the heart of critical infrastructure and industrial environments. From large-scale manufacturing to energy networks and transportation systems, you will engage with clients who truly rely on your expertise. This means your work has visible impact. You are not just reporting vulnerabilities but actively contributing to the resilience and safety of essential operations.
We also value autonomy and trust. You will have the flexibility to organize your work, decide how to approach technical challenges, and take ownership of engagements. At the same time, we maintain a strong team culture where collaboration, knowledge sharing, and peer feedback help everyone improves continuously.
Finally, we believe that a strong team performs best when there is room for enjoyment and connection. At Bureau Veritas Cybersecurity, we combine technical excellence with an open and informal culture, where successes are celebrated and team activities. From technical sessions to social events, we bring people together.
We have offices in Eindhoven and Amsterdam, and this role can be based out of either location.
Are you interested in this vacancy?
Do you have questions or would you like to apply? Please contact us via [email protected]
Note: Pre-employment screening, including a Certificate of Conduct (VOG), and an assessment are part of the recruitment process.
