Key skills
AWSCloudFirewallsKubernetesLinuxPythonGoBashAIMLLLMServerlessEKSIAMDatadogCommunicationOWASPPenetration Testing
About this role
Role Overview
- Operate as a highly autonomous security specialist responsible for proactively identifying vulnerabilities, simulating real-world attack scenarios, and hardening our infrastructure and applications
- Design and execute offensive security engagements — including penetration tests, red team exercises, and threat hunting campaigns — across cloud-native and hybrid environments
- Build and maintain automated security testing pipelines, leveraging AI-assisted tooling to continuously assess and improve the organisation's security posture
Requirements
- 5+ years of hands-on experience in penetration testing, red teaming, or offensive security roles in Cloud environments
- Proven track record of security assessments in AWS environments (IAM misconfigurations, privilege escalation, serverless exploitation, container breakouts)
- Deep understanding of OWASP Top 10, MITRE ATT&CK, and common exploit frameworks (Metasploit, Cobalt Strike, Sliver, etc.)
- Strong proficiency in scripting and automation (Python, Bash, Go, or similar)
- Strong proficiency in subject matter tools e.g. Pacu or Prowler
- Solid knowledge of networking, operating systems (Linux/Windows), and cloud-native architectures
- Familiarity with AI/ML-assisted offensive security tools and techniques
- Excellent analytical thinking and ability to work independently with minimal supervision
- Strong written and verbal communication skills for technical and executive reporting
- Relevant certifications such as OSCP, OSEP, OSCE, CRTO, GPEN, GXPN, or AWS Security Specialty (nice to have)
- Experience with Kubernetes / EKS security assessments and container escape techniques (nice to have)
- Experience in physical pentesting of hardware devices such as firewalls, wifi aps and contactless card readers (nice to have)
- Background in malware analysis, reverse engineering, or exploit development (nice to have)
- Hands-on experience with AI-powered pentesting frameworks (e.g., PentestGPT, Nuclei AI, custom LLM agents for recon/exploitation) (nice to have)
- Contributions to open-source security tools or published security research / CVEs (nice to have)
- Experience with threat intelligence platforms and adversary emulation frameworks (nice to have)
- Familiarity with compliance frameworks relevant to offensive testing (ISO 27001, NIS2, SOC 2) (nice to have)
Tech Stack
- AWS
- Cloud
- Firewalls
- Kubernetes
- Linux
- Python
- Go
Benefits
- Our remote-first culture lets you work remotely from one of our designated countries
- Flexible working hours to suit your schedule and priorities
- Annual personal development budget to invest in conferences, courses, or career coaching
- Access to training and learning paths from Datadog and CrowdStrike
- Home office allowance to create a workspace that fits your needs
- Regular events and trips to connect, celebrate, and have fun with the team
- Workations of up to 90 days per year within the EU, combining travel and productivity
- Wellbeing support, including mental health resources and employee assistance programs
- Additional country-specific benefits based on your location