Senior Security Engineer (Offensive Security)

Key Responsibilities

Vulnerability Assessment & Penetration Testing

• Conduct regular penetration tests to identify security flaws in applications, networks, and infrastructure.
• Perform manual and automated vulnerability assessments across different platforms and environments.
• Develop detailed reports on findings and provide actionable recommendations for remediation.

Red Team Engagement

• Plan, execute, and support red team exercises to simulate real-world attack scenarios.
• Identify attack vectors, exploit vulnerabilities, and simulate advanced persistent threats (APTs).
• Collaborate with the security team to improve incident detection and response capabilities.

Security Tools & Automation

• Develop and integrate custom security tools to automate offensive security testing.
• Leverage scripting languages like Python, Bash, and PowerShell to build automation for vulnerability exploitation and reporting.
• Contribute to the development and improvement of internal security tooling.

  Required Skills & Qualifications

  Preferred Qualifications (Bonus)

• 5+ years of experience in offensive security, penetration testing and red teaming activities.
• Expertise in web application security, network security, and cloud security (AWS, Azure, GCP).
• Familiarity with vulnerability management.
• Strong understanding of common attack vectors (e.g., XSS, SQL Injection, CSRF, privilege escalation).
• Experience in manual and automated exploitation techniques.
• Knowledge of security frameworks such as NIST, OWASP, and MITRE ATT&CK.
• Scripting experience with languages such as Python, Bash, or PowerShell.
• Strong analytical and problem-solving skills.
• Security certifications: OSCP, OSCE, GPEN.
• Experience with red team tools like Cobalt Strike, Empire, or similar.
• Hands-on experience with Kubernetes and containerised applications 
• 5+ years of experience in offensive security, penetration testing and red teaming activities.
• Expertise in web application security, network security, and cloud security (AWS, Azure, GCP).
• Familiarity with vulnerability management.
• Strong understanding of common attack vectors (e.g., XSS, SQL Injection, CSRF, privilege escalation).
• Experience in manual and automated exploitation techniques.
• Knowledge of security frameworks such as NIST, OWASP, and MITRE ATT&CK.
• Scripting experience with languages such as Python, Bash, or PowerShell.
• Strong analytical and problem-solving skills.
• Security certifications: OSCP, OSCE, GPEN.
• Experience with red team tools like Cobalt Strike, Empire, or similar.
• Hands-on experience with Kubernetes and containerised applications