Senior Pentester / Red Teamer

📋 Description

• Plan and implement penetration tests targeting both internal and external infrastructures, web applications, APIs, and cloud environments, primarily focused on AWS.

• Perform red team engagements that mimic advanced persistent threats (APTs) and realistic attack sequences.

• Create, develop, and sustain automated penetration testing and security scanning pipelines that are integrated into CI/CD workflows.

• Utilize AI and machine-learning tools (such as LLM-assisted vulnerability discovery, automated exploit generation, and AI-driven anomaly detection) to enhance offensive security operations.

• Generate custom exploit code, scripts, and tools customized for the organization's technology stack.

• Evaluate and strengthen Kubernetes and AWS environments (including IAM, VPC, EKS, Lambda, S3, CloudTrail, GuardDuty, etc.).

• Document findings in comprehensive, actionable reports that include risk ratings and remediation recommendations.

• Collaborate with SOC, DevOps, and engineering teams to verify fixes and enhance detection capabilities.

• Participate in purple team exercises that connect offensive insights with defensive improvements.

• Keep abreast of new attack techniques, CVEs, threat intelligence, and developments in offensive security research.

• Mentor junior members of the security team in offensive strategies and tools.

⛳️ Requirements

• A minimum of 5 years of practical experience in penetration testing, red teaming, or offensive security positions within cloud environments.

• Demonstrated success in conducting security assessments within AWS environments (including IAM misconfigurations, privilege escalation, serverless exploitation, and container breakouts).

• Comprehensive understanding of OWASP Top 10, MITRE ATT&CK, and prevalent exploit frameworks (such as Metasploit, Cobalt Strike, Sliver, etc.).

• Strong skills in scripting and automation (using Python, Bash, Go, or similar languages).

• Proficient in relevant tools such as Pacu or Prowler.

• Solid grasp of networking, operating systems (Linux/Windows), and cloud-native architectures.

• Familiarity with AI/ML-assisted tools and techniques in offensive security.

• Exceptional analytical skills and the ability to operate independently with minimal supervision.

• Strong written and verbal communication abilities for both technical documentation and executive reporting.

🏝️ Benefits

• Flexible working hours to accommodate your schedule and priorities.

• Annual personal development budget to support attendance at conferences, courses, or career coaching.

• Access to training and learning resources from Datadog and CrowdStrike.

• Home office allowance to customize your workspace according to your preferences.

• Regular events and excursions to foster connections, celebrate achievements, and enjoy time with the team.

• Opportunities for workations of up to 90 days per year within the EU, balancing travel with productivity.

• Wellbeing support that includes mental health resources and employee assistance programs.

• Additional benefits that vary by country based on your location.