Senior Offensive Security Engineer

TL;DR

Senior Offensive Security Engineer: Leading high‑impact offensive security efforts on product and platform surfaces (web, mobile backends, APIs), focusing on identifying vulnerabilities and driving remediation. Focus on threat modeling, secure design patterns, and translating technical risk into business impact to enhance overall security posture.

Location: Must be based in Europe

Company

hirify.global is expanding and building the world's go to platform for everyday entertainment in the online gaming industry.

What you will do

• Plan and execute offensive engagements across web, mobile, API, auth flows, and business logic.
• Build repeatable test harnesses and document exploit chains, filing issues with risk/rationale and fix guidance.
• Partner with engineering on design reviews, fixes, and validation; mentor peers.
• Contribute to threat modeling and secure design patterns.

Requirements

• 5+ years in AppSec/offensive security focused on web/API.
• Fluency in auth (OAuth/OIDC), access control (IDOR/BOLA), SSRF, and injection classes.
• Strong scripting skills (Python/Go/JS) and experience with proxy tooling (Burp/ZAP).
• Clear communication skills to translate technical risk into business impact.

Culture & Benefits

• Sporty is a remote-first company.
• Competitive salary + individual performance-based bonuses every quarter.
• 28 days of paid annual leave.
• Core working hours are 10am-3pm in your local time zone with flexibility outside of this.
• Referral bonuses & flash bonuses.
• Top-of-the-line equipment.