EQUANS

Offensive Security Analyst

Region: RO
Job Post Information*: Posted Date 1 week ago (09/06/2026 12:07)
ID: 2026-87066
Number of positions: 1
Skill area: Digital and IT - Analyst
Contract type: CDI (permanent contract)

Job description

EQUANS 

 

Equans is a world leader in the energy and services sector, with annual revenues of nearly €19,2 billion* and almost 800,000 projects.​ 

 

Equans has leading positions in Europe, which is the result of the history of energy construction in these countries, and strong presences in North and South America and in Oceania.​ 

With nearly 90,000 highly skilled employees, Equans has a strong geographic footprint, anchored by historic local brands. Equans provides its customers with excellent technical expertise in the design, installation, maintenance, and operation of multi-technical facilities. This know-how is based on key skills: first of all in electrical and thermal engineering, two strong points that help accelerate the reduction of our clients' carbon footprint, but also in ventilation, refrigeration, mechanics and robotics, fire protection, energy renovation, digital solutions, IT, cyber security and telecommunications.

 

The combination of these areas of expertise allows us to offer efficient and optimised solutions at all stages of the energy chain, from production, storage and transport to usage.

 

(*) Turnover 2024 consolidated 

 

 

  1. OFFENSIVE SECURITY ANALYST 

 

Summary of the role 

 

We are seeking a Senior Offensive Security Analyst (OSCP-certified) to become the very first member of the Offensive Security function within the Active Defense team at Equans Cybersecurity. As the inaugural hire, you will have a unique opportunity to shape and define the offensive security practice at Equans, setting the standards and building the foundations for future growth. 

You will be at the forefront of Equans’ proactive security strategy, working within the Active Defense team to identify, analyze, and mitigate threats across a global digital landscape supporting critical operations in over 20 countries. In this senior role, you will lead advanced penetration testing and the technical validation of vulnerabilities identified by the Vulnerability Management & Compliance Team (VMCT). 

Beyond hands-on technical work, you will mentor junior team members as the team grows. Your expertise and vision will directly contribute to the resilience and security of Equans’ infrastructure, and you will play a key role in shaping the future of offensive security within the organization. 

KEY METRICS OF THE ENVIRONMENT 

 

  • Daily collaboration with the VMCT team for technical validation of vulnerabilities and coordination of remediation actions. 
  • Equans operates on a global scale, overseeing and maintaining a vast digital landscape. The asset portfolio monitored includes more than 20 000 servers, network devices, and cloud resources distributed across multiple continents (+20 countries). This extensive infrastructure supports critical operations and requires continuous, adaptive security strategies to remain resilient against emerging threats.
  • Interaction with SecOps, external Red Teams, and CSIRT teams. 
  • Participation in committees (WOCC) as the offensive security referent. 

 

 

KEY OBJECTIVES & KPIs 

 

  • Rapid validation of new critical vulnerabilities within 24 hours after VMCT identification. 
  • 100% of validated vulnerabilities accompanied by POC and reporting. 
  • ≥ 90% of critical assets tested annually 

 

 

KEY RESPONSIBILITIES 

 

  • Lead advanced penetration tests across critical assets (servers, networks, cloud, applications) with clear objectives, rules of engagement, and measurable outcomes. 
  • Validate VMCT-identified vulnerabilities through controlled exploitation, proof-of-concept development, and rigorous technical analysis to confirm impact and exploitability. 
  • Attack & challenge to elevate detection (Purple Teaming):
      • Design and execute adversary emulation campaigns (MITRE ATT&CK–aligned) to simulate real-world TTPs.
      • Partner with CSIRT and SecOps to test, measure, and improve detections (EDR, SIEM, SOAR playbooks), providing detailed detection engineering feedback and tuning guidance.
  • Threat-driven test planning: Prioritize engagements based on threat intelligence, asset criticality, and exploitation likelihood. 
  • Reporting & communication: Produce clear, decision-ready technical reports and executive summaries; present findings to VMCT, SecOps, CSIRT, and business stakeholders. 
  • Remediation guidance: Provide actionable, context-aware recommendations; collaborate with owners to ensure effective risk reduction. 
  • Tooling & automation: Contribute to the evolution of offensive tooling and repeatable workflows; develop scripts (Python/Bash) for test orchestration and evidence collection.
  • Continuous improvement & mentorship: Establish offensive security standards, coach junior team members as the function scales, and embed lessons learned into Active Defense practices. 
  • Cross-team collaboration: Work closely with VMCT, SecOps, and CSIRT on incident simulation, threat hunting support, and readiness exercises (tabletops, blue/purple team drills). 

 

 

PROFILE  

 

Academic background & Experience  

  • OSCP certification is required. 
  • Minimum 5 years’ experience in offensive security or penetration testing, ideally in an international environment. 
  • Proven experience in technical validation and exploitation of vulnerabilities.  

 

Behavioral Capabilities​ 

  • Strong analytical and synthesis skills, rigor, and autonomy. 
  • Excellent communication abilities, able to explain technical concepts to both technical and non-technical audiences. 
  • Team player, able to collaborate with diverse profiles. 
  • Resilience and responsiveness when handling critical vulnerabilities.  

 

Skills 

  • Penetration testing methodology (end‑to‑end): Scoping, rules of engagement, attack planning, evidence collection, and professional report writing with clear risk ratings and remediation guidance. 
  • Linux & Windows exploitation fundamentals: Service enumeration (SSH/RDP/SMB/WMI/WinRM), misconfigurations, local/remote file inclusion, command injection, credential theft and replay, AV/EDR evasion basics. 
  • Privilege escalation:
      • Linux: SUID/SGID abuse, PATH hijacking, cron/service misconfigs, kernel exploits, capability misuse, sudo policy weaknesses.
      • Windows: Token impersonation, UAC bypass, service misconfigs (unquoted paths), DLL hijacking, vulnerable drivers, LPE via misconfigured privileges.
  • Active Directory attack paths: Enumeration (BloodHound/ldapsearch), Kerberoasting/AS‑REP roasting, constrained/unconstrained delegation abuse, golden/silver tickets, ACL/GPO misconfigurations, pass‑the‑hash, lateral movement. 
  • Network pivoting & internal access: SOCKS proxies, SSH/Chisel pivots, port‑forwarding, tunneling (SSH/Plink/Socat), living‑off‑the‑land techniques to reach segmented networks relevant to VMCT validations. 
  • Web application testing: Authentication/authorization flaws, input validation (SQLi, XSS, SSTI), CSRF, IDOR, file upload, deserialization, business‑logic bypass; strong familiarity with Burp Suite workflows and manual exploitation. 
  • Service & protocol exploitation: SMB, RPC, LDAP, RDP, MSSQL, DNS, SMTP/IMAP/POP, web servers (IIS/Apache/Nginx), and common middleware stacks; craft PoCs when VMCT needs technical validation. 
  • Exploit development (intro/intermediate): Stack‑based buffer overflows (Windows/Linux), shellcode basics, bad‑chars/offsets, SEH exploitation, simple patch/mitigation analysis to support CSIRT detection engineering. 
  • OSINT & reconnaissance: Target profiling, attack surface mapping, subdomain discovery, certificate transparency analysis, leaked credential hunting to inform threat‑driven validation campaigns. 
  • Detection‑aware offensive tradecraft (Purple Teaming): Map findings to MITRE ATT&CK, generate high‑fidelity artifacts (DFIR‑friendly logs), and collaborate with CSIRT to design/tune EDR/SIEM use cases. 
  • Scripting & automation: Python/Bash/PowerShell for reconnaissance, exploitation helpers, payload staging, reporting pipelines, and reproducible VMCT validation playbooks. 
  • Tooling proficiency: Burp Suite, Nmap, Metasploit, Impacket suite, CrackMapExec, Responder, Mimikatz, BloodHound/Sharphound, Chisel/Socat, gobuster/ffuf, sqlmap, dnsrecon, Hydra/Medusa, John/Hashcat. 
  • Operational security & ethics: Secure handling of exploits and data, controlled testing in production‑adjacent environments, evidence integrity, and deconfliction with SecOps/CSIRT. 

 

 

 

Why Join Us? 

  • Global Impact: Influence identity governance across a multinational company. 
  • Challenging Projects: Work on cutting-edge IGA initiatives with real business impact. 
  • Career Growth: Opportunity to evolve into IAM leadership or architecture roles. 
  • Collaborative Culture: Work with experts in cybersecurity, cloud, and compliance. 
