Cybersecurity Specialist - Red Team | Remote

We are looking for an experienced Cybersecurity Specialist Red Team | Remote to conduct security testing and help improve the security posture of the company's systems. This position focuses on controlled, legitimate, real-world security testing simulations and the development of practical recommendations for improvement. We are specifically looking for candidates with practical experience in real-world environments, where testing is performed on active applications or systems with official permission, not limited to labs, simulations, or learning platforms. Candidates are expected to understand the context of production systems and assess security impacts realistically.

• Conduct security assessments and penetration testing on web applications, APIs, and infrastructure within the approved scope.
• Simulate real-world security testing scenarios in a controlled and responsible manner.
• Systematically identify, validate, and document security vulnerabilities.
• Prepare technical reports and executive summaries, including actionable mitigation recommendations.
• Collaborate with the engineering and blue team to improve and strengthen the system.
• Keep up with the latest trends, techniques, and methodologies in cybersecurity.
• Ensure all testing activities comply with internal policies, laws, and professional ethics.

• Experience as a Cybersecurity Specialist / Red Team / Penetration Tester.
• Real experience in testing the security of production systems or applications with official authorization, not just in labs, CTFs, or simulation platforms.
• Able to understand real system architecture, configuration, and production environment limitations.
• Strong understanding of Web application security (OWASP Top 10), authentication and authorization mechanisms, fundamentals of network, server, and operating system security.
• Familiarity with modern security testing tools and techniques, both automated and manual.
• Basic scripting or programming skills (Python, Bash, JavaScript, or similar).
• Ability to work independently and collaboratively in a cross-functional team.
• Strong documentation and communication skills.
• Experience in labs, CTFs, or training platforms is appreciated, but must be supported by direct experience on legitimate and authorized real-world systems.

• Security certifications (OSCP, CRTO, eJPT, CEH, or equivalent).
• Experience in security testing in cloud environments (AWS, GCP, Azure).
• Understanding of DevSecOps or secure development lifecycle.
• Experience in responsible disclosure or security research.

• Career development opportunities and cybersecurity skill enhancement.
• Competitive compensation based on experience and skills.

1. Application Review: Review of the candidate’s application and resume.
2. HR Interview: Initial interview to discuss the candidate’s profile and experience.
3. Technical Assignment: A technical task to assess the candidate’s skills.
4. Final Decision: Final evaluation and selection decision.
5. Offer & Onboarding: Job offer and onboarding process for successful candidates.