Offensive Security Specialist (Red Team)

Category : R&D Location : Bolzano/Full Remote

Are you a system breacher, adept at uncovering hidden vulnerabilities? Join our Red Team and put your skills to the test by planning and executing targeted attack simulations, developing and integrating custom tools for penetration testing and post-exploitation, thereby contributing to the security of strategically important applications.

As an Offensive Security Specialist, you will play a crucial role in identifying and exploiting vulnerabilities on both on-premises and cloud platforms, with the goal of continuously testing and improving the organization’s detection and response capabilities. You will provide detailed reports and contribute to the overall strengthening of corporate security.

• Plan and execute penetration tests and red teaming activities on systems, applications, networks, cloud and physical infrastructures.
• Identify vulnerabilities and gaps in clients’ security postures and propose detailed, practical corrective measures to mitigate identified risks.
• Simulate realistic attacks to assess the effectiveness of security controls and detection and response capabilities.
• Collaborate with internal teams to support secure application development and infrastructure protection.
• Contribute to the creation and improvement of custom attack tools, scripts, and testing methodologies.
• Draft technical and strategic reports to communicate offensive activity results to clients and internal stakeholders.
• Monitor and emulate emerging trends in threat actors’ techniques, tactics, and procedures (TTPs).

• Degree in Computer Science, Cybersecurity, or related fields, or equivalent industry experience.
• At least 3 years of experience in penetration testing, red teaming, and social engineering activities.
• Practical knowledge of tools such as Burp Suite, Metasploit, Sliver, BloodHound, and similar.
• In-depth knowledge of Windows and Linux operating systems, with particular attention to their vulnerabilities and cybersecurity implications.
• Familiarity with security frameworks and standards, such as OWASP, MITRE ATT&CK, and NIST.
• Good knowledge of scripting languages (e.g., Python, PowerShell, Bash) to automate attack and analysis activities.
• Ability to analyze and exploit vulnerabilities in applications, systems, and cloud infrastructures.
• Excellent problem-solving skills and results-oriented mindset.
• Autonomy in managing work tasks, as well as in communication with clients and stakeholders.

• Knowledge of distributed cloud systems (AWS, Azure, GCP, Kubernetes) and related security implications.
• Experience in secure software development lifecycle and supply chain attacks.
• Certifications in offensive security, such as OSCP, OSEP, CRTO, and/or cloud certifications (AWS Security Specialty, Azure Security Engineer, CKS).
• Familiarity with advanced penetration testing techniques, exploit development, and red teaming.

• Collaboration with a highly qualified and motivated team.
• Continuous training to maintain and develop professional skills.
• Engagement in international projects involving leading security technologies and frameworks.
• Opportunities to obtain market-leading certifications funded by the company.
• Flexible working hours and the possibility of remote work to ensure a proper work-life balance.
• Competitive compensation package, including a company MBO incentive system.
• Company production bonus convertible into a wide range of Welfare goods and services.
• Accident insurance and supplementary health insurance.
• A young and dynamic work environment that constantly promotes events dedicated to all collaborators, such as sports activities, informal dinners, cultural visits, etc.