Senior Offensive Security Specialist

• Conduct comprehensive penetration tests on on-premise and cloud-based Windows/Linux systems, web applications, APIs, and networks.
• Identify, exploit, and document vulnerabilities, providing clear mitigation recommendations.
• Collaborate with the SOC team to refine and test cybersecurity use cases and develop threat hunting strategies.
• Support incident response activities with offensive expertise to help contain and mitigate security incidents.
• Execute red team and adversary emulation exercises using tools such as Atomic Red Team, MITRE Caldera, Metasploit, and Burp Suite.
• Design and perform tactical simulations to assess and improve defensive capabilities.
• Perform cloud penetration testing on AWS, Azure, and Google Cloud environments, identifying vulnerabilities across infrastructure, applications, and services.
• Prepare detailed technical reports and executive summaries of findings and recommendations.
• Maintain documentation of methodologies, tools, and results to ensure consistent testing practices.
• Stay up to date with emerging threats, attack techniques, and security tools.
• Research, evaluate, and integrate new tools or methods to enhance offensive security capabilities.
• Identify and prioritize vulnerabilities for remediation based on risk and potential impact.
• Provide training, mentorship, and workshops to IT security colleagues on offensive techniques and cybersecurity best practices.

Do you have experience in Windows?, Do you have a Bachelor's degree?, What do you need to succeed in this position?

• Bachelor's degree in IT or a related field and minimum 12 years of relevant experience.
• At least 6 years of experience in testing and cybersecurity.
• Minimum of 2 certifications, one in offensive security (e.g., OSCP, CRTO, GPEN, GXPN, CCSP) and one in cybersecurity, IT, computer science, governance, etc.
• Proven experience in penetration testing across on-premise, web, and cloud environments.
• Strong knowledge of network protocols, encryption, and common attack techniques.
• Hands-on experience with penetration testing and red team tools, including: Active Directory & Enterprise Attacks, Command & Control (C2) Frameworks, Payload Generation & Shellcode Development, Binary Exploitation & Vulnerability Research, Reverse Engineering & Debugging, Fuzzing & Automated Vulnerability Discovery, Network Reconnaissance & Attacks, Tactical Simulation & Adversary Emulation.
• Solid experience with Windows, Linux, and cloud platforms (AWS, Azure, GCP).
• Scripting or programming skills in PowerShell, Python, Bash, or similar.
• Experience collaborating with SOC teams and supporting incident response.
• Advanced English (C1) communication skills (written and spoken).