Twilio

Twilio is a cloud communication company that offers Communication APIs for SMS, Voice, Video, and Authentication, empowering developers to embed communication capabilities into their software applications globally.

Diversified Telecommunication Services
5K-10K
Founded 2008

Description

  • Perform manual and automated penetration testing of web applications, APIs, and mobile apps on iOS and Android.
  • Conduct internal and external network, cloud, and infrastructure security assessments.
  • Triage and validate findings from scanners and bug bounty reports, escalating true positives and eliminating false positives.
  • Test AI prototypes, services, and applications for prompt injection, jailbreaks, and sensitive data leakage.
  • Write high-quality technical reports that clearly document the path to compromise and reproducible steps.
  • Maintain and update offensive security testing infrastructure, including Burp Suite and basic C2 listeners.
  • Provide remediation guidance to engineering teams for vulnerabilities such as XSS, SQLi, and IDOR.
  • Design and lead multi-week red team operations that emulate specific threat actors and test detection capabilities.
  • Develop custom payloads, droppers, and obfuscated scripts to bypass EDR/AV and maintain stealth.
  • Build automated testing frameworks for AI systems and collaborate with SIRT and Detection Engineering to tune SIEM alerts.
  • Oversee the organization’s bug bounty program and identify recurring trends that indicate broader architectural security issues.

Requirements

  • 7-10 years of experience in offensive security, penetration testing, bug bounty, AppSec, or vulnerability exploitation.
  • Track record of finding high- or critical-severity vulnerabilities in complex environments using commercial or custom pentesting tools.
  • Expert knowledge of the MITRE ATT&CK matrix, the OWASP Top 10 for web applications, and the OWASP Top 10 for LLMs.
  • Understanding of post-exploitation techniques such as lateral movement, persistence, and data exfiltration, as well as adversarial ML.
  • Proficiency with tools such as Burp Suite Professional, Nmap, Metasploit, Wireshark, LangChain, TensorFlow, and C2 frameworks like Cobalt Strike, Sliver, or Havoc.
  • Ability to write functional scripts in Python or Bash to automate repetitive testing tasks.
  • Proficiency in programming and scripting languages such as Python and C++ for custom offensive exploit development.
  • Advanced industry certifications such as OSCP, OSEP, OSWE, or GXPN are highly desirable.
  • Telecom industry experience is preferred.
  • Excellent written and verbal communication skills.
  • Ability to influence and build effective working relationships at all levels of the organization.
  • Proficiency in multiple languages applicable to the region.
  • Must be remote-based in Ireland.
  • Approximately 15% travel is required.

Benefits

  • Competitive pay.
  • Generous time off.
  • Parental leave and wellness leave.
  • Healthcare coverage.
  • Retirement savings program.
  • Remote-first work environment.
  • Support for volunteering and donation efforts.
