Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to enabling organizations to proactively find, fix and verify exploitable attack vectors. They are seeking a highly experienced Senior Internal Red Team Engineer to emulate advanced adversaries, identify vulnerabilities, and enhance the company's security posture.
Responsibilities:
- Conduct comprehensive threat modeling and risk assessments to identify high-value targets, analyze potential attack vectors, and prioritize red team objectives
- Design and execute end-to-end, objective-based red team operations targeting our production cloud and web environments, simulating real-world scenarios to test our defenses
- Perform deep, security-focused source code reviews (primarily in Python and JavaScript) to identify complex vulnerabilities like logic flaws, injection, and RCE
- Lead comprehensive security configuration audits of our AWS, Azure, GCP, Digital Ocean, and Kubernetes (K8s) environments, identifying exploitable misconfigurations, overly permissive IAM policies, and insecure network settings
- Assess and test the security of our CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions, ArgoCD, Crossplane, etc.) to identify attack paths, secret management flaws, and vulnerabilities that could lead to supply chain attacks
- Conduct in-depth penetration tests against critical web applications, APIs, and cloud-native services
- Actively collaborate with engineering and defensive teams (Blue Team) in purple team exercises to validate findings and improve detection and response capabilities in real time. Perform retesting to validate mitigations or remediations
- Develop custom tooling, exploits, and automation scripts as required to bypass security controls. Develop and maintain red team methodologies, tools, and infrastructure
- Stay abreast of the latest threat intelligence, vulnerabilities, and exploits; research and develop new exploitation techniques relevant to our technology stack
- Investigate, own, and report on vulnerabilities, exploit paths, and their business impact. Author clear, detailed reports and present findings to both technical and leadership audiences
Requirements:
- 5+ years of hands-on experience in offensive security, with a demonstrable track record of leading complex web application and cloud penetration tests
- Proven ability to read, review, and identify vulnerabilities in source code (especially Python and JavaScript)
- Deep, practical experience attacking and auditing cloud environments (e.g., AWS, GCP, Azure) and their services (e.g., S3, EC2, RDS, IAM, Lambda, Azure Blob Storage, Google Cloud Storage, etc.), as well as Kubernetes clusters
- Must hold one or more advanced, industry-recognized offensive security certifications: OSCP, OSWE, OSCE, CRTO, or GIAC (GCPN, GXPN)
- Expert-level knowledge of modern web application security, including the OWASP Top 10, API security, and common framework vulnerabilities
- Strong proficiency in common offensive security tools (e.g., Burp Suite, Nmap) and C2 frameworks (e.g., Cobalt Strike, Sliver, Brute Ratel)
- Strong written and verbal communication, including technical documentation and the ability to explain technology to non-technical audiences
- Experience in a blue team, incident response, or system administration role
- Experience with other cloud providers (e.g., GCP, Azure)
- Experience with OSINT, phishing, and social engineering campaigns
- Familiarity with WAF technologies (e.g., AWS WAF, Akamai)
- Relevant cloud or K8s certifications (e.g., AWS Certified Security - Specialty, Certified Kubernetes Administrator (CKA))