RemoteLeaf Logo
Log in Sign up

Offensive Security Engineer

4 hours, 31 minutes ago
Brazil
Full-time
Senior
Penetration Tester
Software Development
Android AWS Azure CI/CD GCP Go iOS Kubernetes LLM Penetration Testing TypeScript
Apply Now
CloudWalk

CloudWalk

CloudWalk focuses on developing an advanced payment network that empowers entrepreneurs by providing a comprehensive service for creating, deploying, and managing applications for POS terminals and smartphones, utilizing cutting-edge technology such as...

Diversified Financial Services
51-250
Founded 2013
$334M raised
View All Jobs 15

Description

  • Pentest applications across APIs, mobile apps, and infrastructure to identify and validate vulnerabilities before attackers do.
  • Plan and execute red team operations, including phishing, social engineering, lateral movement, and privilege escalation.
  • Measure and improve organizational resilience through realistic attack campaigns rather than checkbox compliance.
  • Build offensive tooling, including security platforms, scanning pipelines, and automation that expand the team’s impact.
  • Design and build LLM-powered agents that detect, classify, triage, and help fix vulnerabilities in real time.
  • Find bugs in source code and support secure coding efforts beyond proxy-based testing.
  • Collaborate with engineering teams to embed security checks into CI/CD pipelines and development workflows.
  • Apply offensive security knowledge to turn discovered weaknesses into repeatable defensive engineering improvements.

Requirements

  • Strong knowledge of common vulnerabilities, exploitation techniques, and secure coding practices.
  • Experience with web application and API pentesting.
  • Mobile pentesting experience with Android and/or iOS is a strong plus.
  • Proficiency in TypeScript, Go, or similar languages, with the ability to build reliable tools and services.
  • Ability to code daily, beyond ad hoc scripting.
  • Familiarity with cloud infrastructure security across GCP, AWS, or Azure.
  • Understanding of Kubernetes and service mesh concepts.
  • Experience with CI/CD pipelines and embedding security checks into them.
  • Experience leveraging LLMs or AI agents for security tasks.
  • Excellent communication and collaboration skills for working with engineering teams.
  • Bonus/preferred: experience with red team operations, including phishing infrastructure, social engineering, and C2 frameworks.
  • Bonus/preferred: familiarity with payment industry security, including PCI DSS, card tokenization, and acquiring flows.
  • Bonus/preferred: experience building security platforms or internal tools such as dashboards, bots, or vulnerability management systems.
  • Bonus/preferred: contributions to open source security tools, published security research, or participation in CTFs.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Workstate

Multi-Tenant Access Control & Role Governance Consultant - LATAM Remote

Workstate 51-250 Internet Software & Services

Workstate is hiring a Senior Security Engineer to support its GRC team in remediating SOX access control gaps and defining governance for a multi-tenant, role-based access control environment.

Argentina Colombia Contract Senior Security Engineer
3 hours, 46 minutes ago
TEECOM

Associate Principal - Security

TEECOM 51-250 Construction & Engineering

TEECOM is hiring an Associate Principal in Security to lead mid-sized multidisciplinary projects remotely across the United States, guiding delivery from programming through closeout while strengthening team coordination, documentation, and client relationships.

United States Full-time Senior Security Engineer Technical Project Manager
$125k-$160k
Agile Asana GitHub
3 hours, 46 minutes ago
TalentWerx

*E01 Cyber Security Engineer IV

TalentWerx 11-50 Professional Services

EXPANSIA is hiring a Remote Cyber Security Engineer IV to lead Microsoft Defender-based security engineering, endpoint and cloud protection, and incident response for U.S. defense and national security environments.

Anywhere Full-time Lead Security Engineer
$129k-$133k
Active Directory AWS Azure HIPAA Linux Power BI PowerShell SIEM
4 hours, 16 minutes ago
Avertium

Governance, Risk and Compliance | CyberSecurity Consultant

Avertium 251-1K IT Services

Avertium is hiring a remote CyberSecurity Consultant to support client cybersecurity and GRC engagements by assessing risk, implementing controls, strengthening compliance, and improving security posture.

United States Full-time Junior Penetration Tester
Cybersecurity Encryption HIPAA Penetration Testing
4 hours, 16 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers