Description:
The Senior Cyber Security Engineer – Offensive Security will play a critical role within the Security Operations team, not only safeguarding the organization's IT infrastructure, applications, and data against cyber threats, but also proactively identifying and exploiting vulnerabilities to strengthen overall defenses. This role requires advanced expertise in offensive security practices, including penetration testing, red teaming, and adversary simulation—alongside traditional responsibilities such as security monitoring, incident response, vulnerability management, and cloud security.
In addition, the position demands specialized skills in AI/ML operations, with a focus on testing applications developed using low code/no code platforms and securing CI/CD pipelines that support machine learning workflows. The engineer will leverage AI-powered testing tools and automation to assess, validate, and continuously monitor the security of these modern environments, ensuring robust protection against evolving threats and maintaining a resilient security posture for the organization.
As The Newest Member Of Our Team, You Will
- Lead offensive security testing for AI/ML pipelines, low code/no code platforms, and cloud environments, identifying and exploiting vulnerabilities to strengthen defenses.
- Integrate security into development processes, collaborating with teams to ensure secure coding and configuration, and proactively address risks in web, mobile, and API applications.
- Oversee incident response and threat management, leveraging SIEM tools and real-time intelligence to detect, contain, and remediate cyber threats.
- Mentor junior staff and communicate security risks and solutions to stakeholders.
- Continuously assess and improve application security, focusing on identity management, threat modeling, and validation against the latest vulnerabilities.
To Succeed, You Bring
- A minimum of ten (10) years of hands-on experience in offensive cybersecurity, including penetration testing, red teaming, adversary simulation, application security assessments, vulnerability exploitation, and incident response in enterprise environments.
- Bachelor’s degree or higher in Computer Science, Cybersecurity, or a related technical field.
- Advanced offensive security certifications (e.g., OSCP, OSCE, OSEP, GPEN, GWAPT) plus foundational certifications (e.g., CISSP, CEH, Security+).
- Strong understanding and practical application of security standards and frameworks (ISO 27001, NIST, CIS, MITRE ATT&CK).
- Deep knowledge of technical configurations and security controls across operating systems (Windows, Linux, VMware) and security solutions (IDS/IPS, DLP, SIEM, WAF, VPNs, encryption), with the ability to identify and exploit weaknesses.
- Exceptional analytical and problem-solving skills for simulating real-world attacks, identifying security gaps, and providing actionable remediation.
- Hands-on experience with cloud security and offensive assessments for cloud platforms (AWS, Azure, GCP), including securing diverse workloads with tools like Wiz Cloud and Defender CSPM.