About us
KLANIK est une société de conseil en Ingénierie IT qui accompagne ses clients dans leurs projets digitaux et technologiques.
Le groupe KLANIK compte désormais plus de 750 talents, évoluant dans 16 agences en Europe, Amérique du Nord, Afrique et Moyen-Orient. Des experts engagés, atypiques et passionnés, impliqués dans des projets stratégiques grâce à leur haut niveau de compétences en Software, DevOps, Cloud, Agilité, Cybersécurité, Big Data & IA.
En parallèle de leurs métiers, les collaborateurs du groupe KLANIK sont accompagnés au quotidien dans leur développement personnel et professionnel, via différentes initiatives engageantes et innovantes :
KONSCIOUS : communauté interne engagée dans les enjeux écologiques, sociaux et environnementaux
KAMPUS : institut de formation technique certifié
KORNER : incubateur de start-ups technologiques
KLANIK ESPORT : club professionnel e-sport ouvert aux collaborateurs
Job Description
As part of this team, you will plan and execute advanced adversary simulations, targeting an organization's systems, applications, and networks. You will mimic real-world threat actors, leveraging the latest Tactics, Techniques, and Procedures (TTPs) to test and enhance the company's security posture.
This is a long-term opportunity in an environment that values innovation, strategic offensive security, and continuous research. The team also has a dedicated R&D week every quarter to develop new attack techniques, improve tooling, and stay ahead of evolving security measures.
Responsibilities :
Plan, develop, and execute Red Team engagements to identify security weaknesses and bypass defense mechanisms.
Simulate advanced persistent threats (APT) using Cobalt Strike, Sliver, Empire, Puppy, or other offensive security tools.
Develop or modify custom exploits, payloads, and attack tools to evade modern defense mechanisms.
Leverage Python (or other scripting languages) to automate attacks, develop reconnaissance tools, and enhance existing frameworks.
Exploit Windows environments (required) and Linux environments (bonus).
Analyze and adapt existing Proof-of-Concept (PoC) exploits to ensure compatibility with recent security controls.
Maintain a solid understanding of exploitation techniques, including privilege escalation, lateral movement, and persistence.
Work with network and infrastructure teams to ensure proper access to necessary environments.
Participate in continuous learning and research, dedicating one week per quarter to innovation.
Required qualifications
Required Skills & Experience
✅ 6+ years of hands-on experience in Red Team operations, focusing on real-world attack scenarios.
✅ Expertise in Command and Control (C2) frameworks like Sliver, Cobalt Strike, Empire, or Puppy.
✅ Strong Windows exploitation skills (Linux exploitation is a plus).
✅ Proficiency in Python (or other scripting languages) to develop and customize offensive tools.
✅ Ability to reverse-engineer security controls and adapt attack strategies accordingly.
✅ Deep understanding of TTPs used by real-world threat actors.
✅ Ability to modify and adapt public Proof-of-Concept exploits to bypass modern security defenses.
✅ Strong knowledge of network security, Active Directory attacks, lateral movement, and persistence techniques.
✅ OSCP certification (preferred but not mandatory).
