Security Engineer

Vacancy

Utrecht - Hybrid - Medior/Senior

You find what others miss and translate it into insights that drive action, for engineering teams, management, and investors alike.

At YieldDD, security is not a checkbox. It is a material risk factor and a lever for value. As a Security Engineer, you work on systems where a vulnerability does not just carry technical consequences; it can directly affect the outcome of a transaction.

Vacancy details

Hours per week: 32 - 40 hours
Employment type: Full time

The role

You carry out in-depth security assessments across a broad range of clients, from scale-ups and mid-market companies to enterprise organizations with business-critical software, as well as software systems in M&A processes. Your work goes beyond automated scans. You think like an attacker, look into the source code, and build a complete picture of real exposure.

Your findings are presented to engineering teams, management, and – where relevant – investors and legal advisors. Clarity and impact matter just as much as technical depth.

What will you do?

  • Execute code-guided penetration tests with full source code access, going deeper than any black-box approach can
  • Perform manual and automated penetration tests across applications, APIs and internal systems, following established methodologies including OWASP Top 10, SANS/CWE Top 25, WSTG and MASTG
  • Conduct in-depth cloud configuration reviews and identify security risks in cloud environments
  • Perform recurring vulnerability assessments to identify and prioritize new exposures over time
  • Apply SAST and DAST tooling and critically interpret results beyond what the tooling surfaces
  • Translate findings into clear, risk-prioritized reports for engineering teams, boards and investors
  • Participate in client debriefings to walk through findings, answer questions and support remediation decisions
  • Contribute to the ongoing development of YieldDD's security methodologies and tooling, working with a combination of established industry tools and tooling developed in-house
  • Contribute to YieldDD's positioning by sharing knowledge through tech sessions, training and speaking at industry events

What you bring

Must-haves

  • At least 3 years of experience in security assessments and penetration testing
  • Proven experience with code-guided or white-box penetration testing specifically
  • Able to navigate an unfamiliar codebase quickly and independently under time pressure
  • Knowledge of commonly used (security) AI tooling
  • Proficiency in both manual techniques and automated tooling
  • Experience with multiple programming languages
  • Strong written and verbal communication skills: your reports are clear and decision-ready for non-technical readers
  • Fluency in Dutch and English, spoken and written

Nice-to-haves

  • OSWE certification or equivalent
  • Experience with C# or Python
  • Knowledge of secure coding practices and common development anti-patterns
  • Affinity with M&A context or due diligence
  • Experience in sectors such as SaaS, financial services or PE-backed software companies

What we offer

  • 25 vacation days
  • Laptop and tooling of your choice
  • Hybrid working: focus days from home, collaborative days at the office
  • Premium-free pension plan with survivors’ pension
  • Budget for training, certifications and personal development
  • A brand-new office in the Houtfabriek at Campus Werkspoor, a fully sustainable timber building that opened in April 2026. The campus has a restaurant and gym, and padel courts are planned for later this year
  • A role with genuine breadth: as part of a growing firm, you will contribute to more than just your own specialty
  • Active support for certifications and specialization

About YieldDD

YieldDD is the specialist in software due diligence and cyber security for M&A transactions, private equity investors, and organizations with business-critical software. From our office in Utrecht (Campus Werkspoor), we work with leading PE firms, M&A advisors, and technology companies across the Benelux and Europe.

We are a lean team of specialists who value directness, depth, and genuine ownership. Security at YieldDD is not about running scans; it is about understanding what is really at stake.

How the process works

  1. Send your CV and a short motivation
  2. Introductory meeting
  3. Assignment or technical assessment
  4. Closing interview
  5. Offer

Expected timeline: two to three weeks

Ready to apply? Fill out the application form below, upload your CV and a short motivation, and we will be in touch. Not sure whether this role is the right fit? Just reach out and we will be happy to think it through with you.

Would you like to know more about a vacancy? I'm happy to help you.

Marco van Os

Managing Director and co-founder