Назад
Company hidden
2 дня назад

Offensive Security Engineer

Формат работы
remote (только Europe)
Тип работы
fulltime
Грейд
middle
Английский
b2
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Offensive Security Engineer (Cybersecurity): Strengthening the offensive security posture by proactively testing and identifying vulnerabilities across external perimeters, VPS, and physical infrastructure with an accent on adversary emulation and external attack surface mapping. Focus on bypassing EDR/XDR systems, tuning perimeter controls, and documenting complex exploitation chains to improve defensive guardrails.

Location: Remote (Europe)

Company

hirify.global is a remote-first company focused on sustainability and global sports entertainment.

What you will do

  • Monitor, map, and test the entire external attack surface, including domains, subdomains, websites, and public IP addresses.
  • Conduct adversary emulation against internal and office endpoints to validate EDR, XDR, and SOC monitoring platforms.
  • Evaluate the security posture of physical office hardware, corporate network equipment, and internal edge infrastructure.
  • Perform scoped offensive testing on external-facing web applications and public-facing API endpoints.
  • Translate discovery findings and EDR emulation gaps into repeatable defensive checks and firewall rules.
  • Document multi-stage exploitation chains to provide reproducible remediation blueprints for infrastructure and SOC teams.

Requirements

  • Experience in offensive security, perimeter penetration testing, network security assessments, or adversary emulation.
  • Strong understanding of external asset discovery, DNS configuration vulnerabilities, and public IP network routing.
  • Practical experience auditing and testing Linux and Windows environments.
  • Ability to perform adversary emulation and bypass techniques against modern EDR/XDR solutions.
  • Strong scripting ability in Python, PowerShell, or Bash to automate mapping and discovery workflows.
  • Must be based in Europe.

Nice to have

  • Expertise with Kali Linux toolset, Nmap, Shodan, Censys, Masscan, Amass, or Burp Suite.
  • Experience with Microsoft Defender XDR, CrowdStrike Falcon, or SentinelOne.
  • Familiarity with Atomic Red Team or Caldera.
  • Knowledge of OWASP ZAP and modern API security testing.

Culture & Benefits

  • Remote-first culture with flexible core working hours (10am-3pm in your local time zone).
  • Competitive salary with individual performance-based quarterly bonuses.
  • 28 days of paid annual leave.
  • Top-of-the-line equipment and referral/flash bonuses.
  • Annual company retreats to connect and collaborate with global colleagues.

Hiring process

  • Remote video screening with the Talent Acquisition Team.
  • Online technical assessment via Hackerrank.
  • Remote video interview with team members.
  • Final discussion with the hiring manager.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →