Security Engineer - Red Team

Our client is a global leader in enterprise orchestration, helping over 400,000 businesses worldwide streamline their operations with its AI‑powered platform. They are looking for a highly accomplished Security Engineer, Red Team. This is a full‑time, permanent, remote position ideally based in Spain or Portugal.

• Bachelor's degree in Computer Science, Cybersecurity, or a related technical field.
• 5+ years in cybersecurity with a focus on offensive security, penetration testing, or red team operations.
• Advanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent).
• Deep expertise in cloud security testing, particularly AWS environments.
• Proficiency in exploitation frameworks and tools (Nuclei, Metasploit, Burp, Cobalt Strike, custom tooling).
• Scripting and automation skills (Python, Go, Bash, or similar).
• Hands‑on experience in vulnerability research and exploit development.
• Knowledge of threat modeling methodologies and attack path analysis.
• AI/ML security testing experience.
• Experience with social engineering and phishing campaigns.
• Advanced security certifications (GCFA, GCIH, GIAC, CRTO, CRTE).
• Experience with threat intelligence and adversary emulation frameworks (MITRE ATT&CK).
• Active participation in the security research community and CVE discoveries.
• Knowledge of compliance frameworks and vendor relationship management.

• Simulate real‑world adversarial attacks against our cloud architecture, AI model endpoints, and complex multi‑tenant SaaS platform while playing a key role in strengthening our defenses during our Agentic AI Transformation.
• Identify security weaknesses, validate defensive capabilities, and improve our security posture through adversarial testing. Findings directly influence product security architecture and drive improvements across customer deployments.
• Perform red team exercises and penetration tests to simulate real‑world attacks and validate defensive controls.
• Perform vulnerability research and exploitation to validate attack paths and contribute to the security community.
• Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategies.
• Partner with Security Operations and Bug Bounty teams to enhance detection, response, and organizational resilience.
• Coordinate external red team and penetration testing engagements and third‑party security assessments.
• Develop automated tools and frameworks to scale offensive security operations across systems and applications.

This role offers the opportunity to conduct offensive security research against mission‑critical systems deployed globally while working with AI and cloud technologies. If you're passionate about thinking like an attacker to build stronger defenses, this role could be perfect for you.