Penetration Tester / Red Team Specialist (Cybersecurity)

TL;DR

Penetration Tester / Red Team Specialist (Cybersecurity): Simulating realistic attack paths and validating security controls in a large enterprise environment with an accent on offensive operations and defender enablement. Focus on executing red and purple team engagements, documenting attack chains, and improving detection and response capabilities.

Location: Must be based in Austria (work-from-home options available from within the country).

Salary: From EUR 3,375.40 gross per month

Company

hirify.global is a major banking group serving over 17 million customers across Austria and Central and Eastern Europe.

What you will do

• Plan and execute red team and purple team engagements across enterprise, endpoint, identity, network, cloud, and web environments.
• Perform advanced offensive activities including privilege escalation, lateral movement, persistence, and defense evasion.
• Assess attack surfaces of internal infrastructure, Active Directory, and cloud identity systems.
• Document attack chains in a defender-centric manner, providing specific detection engineering recommendations.
• Collaborate with blue teams, detection engineers, and incident responders to validate controls and close detection gaps.
• Develop and customize offensive tooling and scripts using PowerShell or Python.

Requirements

• Proven hands-on experience in red teaming, purple teaming, or advanced penetration testing within large enterprise environments.
• Expertise in web application exploitation (e.g., authentication bypass, SSRF, deserialization, injection, OAuth/SAML abuse).
• Deep understanding of Windows or Linux internals, authentication mechanisms, and system telemetry.
• Strong knowledge of Active Directory abuse paths and enterprise identity attack techniques.
• Proficiency in at least one scripting language, preferably PowerShell or Python.
• Eligibility to work in Austria (work permit support is available).

Nice to have

• Experience in Blue Team functions, such as Detection Engineering or Incident Response.
• Familiarity with SIEM/EDR platforms and adversary simulation frameworks like Atomic Red Team or Caldera.
• Knowledge of Azure AD / Entra ID and cloud identity attack techniques.
• Experience in financial services, SWIFT security controls, or DORA compliance.
• Contributions to the security community via CVEs, public tools, or CTF platforms.
• Business-level German language skills.

Culture & Benefits

• Flexible working hours and work-from-home options from Austria.
• International environment with over 75 nationalities and English as the primary corporate language.
• Focus on continuous learning, proactive career development, and access to professional trainings.
• Health and well-being perks including a subsidized canteen, check-ups, and sport allowances.
• Comprehensive family support, including child allowances and a bilingual company kindergarten.
• Financial benefits such as exclusive banking terms and a free public transport pass.