About the Role
The role involves conducting advanced offensive security operations to uncover weaknesses in systems, applications, and networks, using findings to enhance the organization's overall security posture.
Responsibilities
- Execute penetration tests across web applications, APIs, and infrastructure
- Simulate real-world attack scenarios to evaluate system resilience
- Identify, document, and validate security flaws in technical environments
- Collaborate with development and operations teams to resolve vulnerabilities
- Develop custom tools and scripts to automate security assessments
- Maintain up-to-date knowledge of emerging attack techniques
- Provide technical guidance during incident response investigations
- Assist in red teaming exercises with a focus on stealth and persistence
- Evaluate cloud platform configurations for security missteps
- Report findings with clear technical details and remediation steps
- Support secure architecture design through proactive threat modeling
- Conduct source code reviews to detect exploitable patterns
- Test for business logic flaws beyond standard vulnerability scanning
- Engage in social engineering assessments when authorized
- Maintain confidentiality and integrity during all security operations
- Stay compliant with legal and policy frameworks during testing
- Assess third-party services for potential security exposure
- Improve detection capabilities by emulating adversary behaviors
- Contribute to internal security training with real-world examples
- Track and prioritize risks based on exploitability and impact
- Use offensive tactics to validate effectiveness of defensive controls
- Work independently while aligning with broader security goals
- Respond to urgent security requests during critical events
- Maintain detailed records of test scopes and outcomes
- Support security validation for new product rollouts
Nice to Have
- Certifications such as OSCP, OSCE, or CRTP
- Public demonstrations of research or tool development
- Experience in financial or trading systems security
- Knowledge of blockchain or cryptocurrency platforms
- Prior work in high-assurance security environments
- Experience with hardware security testing
- Familiarity with reverse engineering techniques
- Contributions to open-source security projects
Compensation
Competitive salary and benefits package offered
Work Arrangement
Remote with flexible hours; global applicants welcome
Team
Part of the cybersecurity division focused on proactive threat identification
Security Research
- Opportunities to explore novel attack vectors and publish findings internally
- Time allocated for independent research on emerging threats
Team Culture
- Collaborative environment emphasizing knowledge sharing
- Regular internal workshops and technical deep dives
Visa sponsorship available for qualified candidates
