Senior Offensive Security Engineer (Cybersecurity)

TL;DR

Senior Offensive Security Engineer (Cybersecurity): Simulating sophisticated cyber attacks and conducting white-box/black-box penetration testing on internal and public-facing assets with an accent on cloud security and microservices architecture. Focus on performing variant analysis, managing Bug Bounty programs, and developing security automation tooling to enhance company-wide resilience.

Location: Milan (Onsite)

Salary: €63,236–€70,824 EUR

Company

A global fintech company providing payment and shopping services.

What you will do

• Conduct white-box and black-box penetration testing on applications and infrastructure.
• Manage and investigate external Bug Bounty submissions and pentest findings.
• Perform variant analysis on identified security issues.
• Research security vulnerabilities in third-party solutions.
• Develop custom tooling for reconnaissance and security automation.
• Provide remediation guidance to product security and development teams.

Requirements

• Strong experience in penetration testing and technical security assessments.
• Proficiency in identifying security issues in Java and Node.js codebases.
• Experience with cloud environments, particularly AWS and microservice architectures.
• Strong Python scripting skills for automation tasks.
• Ability to communicate complex findings and remediation recommendations clearly.
• English proficiency is required for application materials.

Nice to have

• Industry certifications such as OSCP, OSWE, CREST, or GIAC.
• Active participation in CTF competitions and cybersecurity communities.

Culture & Benefits

• Exposure to a cutting-edge fintech tech stack.
• Opportunity to work within a diverse, multicultural global environment.
• Professional growth through challenging security scope and projects.