cloudwalk - Offensive Security Engineer
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• Strong knowledge of common vulnerabilities, exploitation techniques, and secure coding practices. You can find bugs in source code, not just with a proxy. • Experience with web application and API pentesting. Mobile pentesting (Android/iOS) is a strong plus. • You code daily. Proficiency in Typescript, Go, or similar, not just scripts, but tools and services others can rely on. • Familiarity with cloud infrastructure security (GCP/AWS/Azure), Kubernetes, and service mesh concepts. • Understanding of CI/CD pipelines and how to embed security checks into them. • Experience leveraging LLMs or AI agents for security tasks. • Excellent communication and collaboration skills to work effectively with engineering teams. • Experience with red team operations: phishing infrastructure, social engineering, C2 frameworks. • Familiarity with payment industry security (PCI DSS, card tokenization, acquiring flows). • Experience building security platforms or internal tooling (dashboards, bots, vulnerability management systems). • Contributions to open source security tools, published security research or CTFs.
Responsibilities
• Break things that matter. Pentest applications across our stack, identifying vulnerabilities in APIs, mobile apps (Android/iOS), and infrastructure before attackers do. • Run red team operations. Plan and execute realistic attack campaigns: phishing with custom domains, social engineering, lateral movement, privilege escalation. Measure real organizational resilience, not checkbox compliance. • Build offensive tooling. Engineer security platforms, scanning pipelines, and automation that multiply the team's impact. • Weaponize AI for defense. Design and build LLM-powered agents that detect, classify, triage and fix vulnerabilities in real time.
No credit card. Takes 10 seconds.