Descripción
Social network you want to login/join with:Client:WerfenLocation:Job Category:OtherEU work permit required:YesJob Reference:3852747984211017728324640Job Views:3Posted:11.03.2025Expiry Date:25.04.2025Job Description:This position is part of the Security Group with worldwide responsibility for cybersecurity for IT, business systems, the network which extends to affiliates as well as security of products and services. As a Senior Offensive Security Engineer, you will be a key player in enhancing our organization's security posture, particularly in our cloud environments. You will lead offensive security efforts, including penetration testing, vulnerability assessments, and red teaming exercises, with a strong emphasis on cloud security. Your expertise will help identify and mitigate security threats before they can be exploited by adversaries.Key AccountabilitiesPenetration Testing and Vulnerability Assessments:Conduct comprehensive penetration tests on networks, web applications, cloud infrastructure, and other systems.Identify security vulnerabilities and provide detailed recommendations for remediation.Utilize both manual and automated tools to uncover security weaknesses.Cloud Security Testing:Perform security assessments of cloud services (e.G., AWS, Azure, Google Cloud Platform).Identify and exploit vulnerabilities specific to cloud environments.Collaborate with cloud architects and engineers to implement best security practices.Plan and execute sophisticated red teaming exercises to simulate real-world attacks.Develop and deploy advanced adversarial tactics, techniques, and procedures (TTPs).Collaborate with blue teams to improve detection and response capabilities.Security Research and Exploitation:Stay updated with the latest security threats, vulnerabilities, and exploits, especially those related to cloud services.Research new attack vectors and develop proof-of-concept exploits.Share knowledge through detailed reports, presentations, and training sessions.Security Tool Development:Develop and maintain custom security tools and scripts to support offensive security operations.Automate repetitive tasks to enhance efficiency and effectiveness.Assist in the investigation and response to security incidents.Provide expertise on attacker methodologies and potential countermeasures, particularly in cloud environments.Collaboration and Communication:Work closely with cross-functional teams to integrate security practices into the development lifecycle.Communicate findings and recommendations to stakeholders in a clear and concise manner.Minimum Knowledge & Experience required for the position:Education:Bachelor’s degree in Computer Science, Information Security, or a related field. A Master’s degree or relevant certifications (e.G., OSCP, OSCE, CISSP, CCSK, AWS Certified Security Specialty) is preferred.Experience:Minimum of 4 years of experience in offensive security, penetration testing, or red teaming.Proven track record of successfully identifying and exploiting security vulnerabilities, with significant experience in cloud security.Technical Skills:Deep understanding of networking protocols, operating systems, cloud infrastructure, and common application vulnerabilities.Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Wireshark, as well as cloud-specific security tools like ScoutSuite, Prowler, and CloudSploit.Strong programming/scripting skills in languages such as Python, Bash, PowerShell, or Ruby.Cloud Security Expertise:In-depth knowledge of cloud security frameworks, methodologies, and best practices.Experience with cloud security tools and services from major cloud providers (AWS, Azure).Ability to identify and exploit cloud-specific vulnerabilities and misconfigurations.Soft Skills:Excellent problem-solving abilities and analytical skills.Strong written and verbal communication skills.Ability to work independently as well as part of a team.#J-18808-Ljbffr