Senior Pentester / Red Teamer

TL;DR

Senior Pentester / Red Teamer (Cybersecurity): Proactively identifying vulnerabilities and simulating real-world attack scenarios across cloud-native and hybrid environments with an accent on penetration tests, red team exercises, and automated security pipelines. Focus on designing offensive security engagements, leveraging AI-assisted tooling for vulnerability discovery and exploit generation, and hardening AWS and Kubernetes infrastructure.

Remote from Austria, Germany, Spain, UK, Italy, Hungary, Portugal, Croatia, Poland

Company

Fast-growing innovative service company and leading provider of B2B integration specializing in EDI, Web EDI, and e-invoicing, part of Nasdaq-listed Vertex, Inc.

What you will do

• Plan and execute penetration tests against infrastructure, web apps, APIs, and AWS cloud environments
• Conduct red team engagements simulating APTs and real-world attack chains
• Design and maintain automated pentesting pipelines integrated into CI/CD workflows
• Leverage AI/ML tools for vulnerability discovery, exploit generation, and anomaly detection
• Develop custom exploits, scripts, and tooling; assess and harden Kubernetes/AWS setups
• Document findings, collaborate with teams on fixes, contribute to purple team exercises, and mentor juniors

Requirements

• 5+ years hands-on in penetration testing, red teaming, or offensive security in cloud environments
• Proven AWS security assessments (IAM, privilege escalation, serverless, containers)
• Deep knowledge of OWASP Top 10, MITRE ATT&CK, exploit frameworks (Metasploit, Cobalt Strike)
• Strong scripting/automation (Python, Bash, Go); proficiency in tools like Pacu, Prowler
• Solid networking, OS (Linux/Windows), cloud architectures knowledge
• Familiarity with AI/ML offensive tools; excellent analytical and communication skills

Nice to have

• Certifications: OSCP, OSEP, OSCE, CRTO, GPEN, GXPN, AWS Security Specialty
• Kubernetes/EKS security, container escapes, physical pentesting
• Malware analysis, reverse engineering, exploit development
• AI-powered pentesting frameworks, open-source contributions, threat intel experience
• Compliance frameworks (ISO 27001, NIS2, SOC 2)

Culture & Benefits

• Remote-first culture from designated countries with flexible hours
• Annual personal development budget for conferences/courses/coaching
• Training from Datadog/CrowdStrike, home office allowance
• Regular team events/trips, workations up to 90 days/year in EU
• Wellbeing support, mental health resources, country-specific benefits