ecosio

ecosio specializes in providing automated B2B communication solutions that enhance supply chain efficiency through flexible EDI and e-invoicing services, facilitating seamless integration between customers, suppliers, and authorities.

Internet Software & Services
51-250
Founded 2012

Description

  • Plan and execute penetration tests across internal and external infrastructure, web applications, APIs, and AWS cloud environments.
  • Conduct red team exercises simulating advanced persistent threats and real-world attack chains.
  • Design, build, and maintain automated pentesting and security scanning pipelines integrated into CI/CD workflows.
  • Leverage AI- and machine-learning-based tools to scale offensive security operations and improve vulnerability discovery.
  • Develop custom exploit code, scripts, and tooling tailored to the organisation's technology stack.
  • Assess and harden Kubernetes and AWS services including IAM, VPC, EKS, Lambda, S3, CloudTrail, and GuardDuty.
  • Document findings in clear reports with risk ratings and remediation guidance.
  • Collaborate with SOC, DevOps, and engineering teams to validate fixes and improve detection capabilities.
  • Contribute to purple team exercises that connect offensive findings with defensive improvements.
  • Mentor junior security team members on offensive methodologies and tooling.

Requirements

  • 5+ years of hands-on experience in penetration testing, red teaming, or offensive security roles in cloud environments.
  • Proven track record of security assessments in AWS environments, including IAM misconfigurations, privilege escalation, serverless exploitation, and container breakouts.
  • Deep understanding of OWASP Top 10, MITRE ATT&CK, and common exploit frameworks such as Metasploit, Cobalt Strike, and Sliver.
  • Strong proficiency in scripting and automation using Python, Bash, Go, or similar languages.
  • Strong proficiency with tools such as Pacu or Prowler.
  • Solid knowledge of networking, operating systems, and cloud-native architectures, including Linux and Windows.
  • Familiarity with AI/ML-assisted offensive security tools and techniques.
  • Excellent analytical thinking and the ability to work independently with minimal supervision.
  • Strong written and verbal communication skills for technical and executive reporting.
  • Relevant certifications such as OSCP, OSEP, OSCE, CRTO, GPEN, GXPN, or AWS Security Specialty (preferred).
  • Experience with Kubernetes/EKS security assessments and container escape techniques (preferred).
  • Experience in physical pentesting of hardware devices such as firewalls, Wi-Fi access points, and contactless card readers (preferred).
  • Background in malware analysis, reverse engineering, or exploit development (preferred).
  • Hands-on experience with AI-powered pentesting frameworks such as PentestGPT, Nuclei AI, or custom LLM agents for recon/exploitation (preferred).
  • Contributions to open-source security tools or published security research/CVEs (preferred).
  • Experience with threat intelligence platforms and adversary emulation frameworks (preferred).
  • Familiarity with compliance frameworks relevant to offensive testing, such as ISO 27001, NIS2, and SOC 2 (preferred).

Benefits

  • Remote-first culture with the ability to work from one of the designated countries.
  • Flexible working hours.
  • Annual personal development budget for conferences, courses, or career coaching.
  • Access to training and learning paths from Datadog and CrowdStrike.
  • Home office allowance.
  • Regular team events and trips.
  • Workations of up to 90 days per year within the EU.
  • Wellbeing support, including mental health resources and employee assistance programs.

Similar Roles

Manager, IT & Cybersecurity GRC

Veracyte 251-1K Pharmaceuticals

Veracyte is hiring a Manager, IT & Cybersecurity GRC to lead enterprise technology controls, IT SOX compliance, and cybersecurity risk governance in a highly regulated environment.

Cybersecurity
6 hours, 28 minutes ago

Senior PAM Consultant

Cyderes 251-1K Professional Services

Cyderes is seeking a Senior Privileged Access Management (PAM) Consultant to assess, design, implement, and support enterprise PAM solutions across identity security environments.

Active Directory Linux PowerShell REST API Secrets Management SIEM SQL
7 hours, 13 minutes ago

Senior PAM Engineer - CyberArk (Remote in the US)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a Senior CyberArk Engineer to deliver client-facing privileged access management solutions across diverse environments for a US-based remote consulting role.

Active Directory HashiCorp Vault HIPAA PowerShell Python REST API SIEM
1 day, 6 hours ago

Microsoft Security and Compliance Consultant

Planet Technologies 251-1K Internet Software & Services

Planet Technologies is seeking a Senior Microsoft Security & Compliance Consultant to help clients design and deliver secure, compliant Microsoft 365, Microsoft Purview, and Copilot environments.

Azure PowerShell
2 days, 6 hours ago
