Senior Offensive Security Consultant - Remote (Mexico City)

About us: At Echelon Risk + Cyber, we believe in defending basic human rights to security and privacy. We seek a highly skilled and experienced Senior Offensive Security Consultant to join our team. In this role, you will lead and execute client engagements that range from penetration testing to advanced adversarial emulation exercises (red teaming and purple teaming). You will also contribute to research and development efforts to advance our offensive security capabilities and tradecraft.

At Echelon, you will have the opportunity to engage with clients, business partners and systems that are at the cutting edge of technology. We allow our employees to build from the ground up and make an impact across the organization. We look for driven and proactive people that are eager to contribute to a distinct and thriving Cybersecurity services organization, that can adapt to a rapid and changing environment.

• Lead and execute complex offensive security assessments, including:
• Penetration testing (internal, external, web, wireless, cloud, physical)
• Adversarial emulation / red team engagements
• Purple team exercises in collaboration with client detection and response teams
• Social engineering and physical security testing
• Simulate real-world adversary TTPs to assess detection and response capabilities
• Identify and exploit vulnerabilities with a creative, methodical, and resourceful approach beyond automated tools
• Deliver executive-ready reports and presentations, translating technical findings into business risk insights and remediation recommendations
• Mentor and guide junior team members, supporting skill development in a remote-first environment
• Contribute to research & development of new tools, exploits, and methodologies in web, mobile, and cloud environments
• Publish thought leadership blogs and represent Echelon at conferences and in the cybersecurity community
• Partner with clients across industries, providing not just technical testing but also consultative guidance to improve resilience

• 3–5+ years of hands-on offensive security experience (or 2–4 years in offensive cyber operations)
• Proven experience with:
• Web, mobile, and cloud penetration testing
• Red and/or purple team operations
• Industry frameworks (PTES, MITRE ATT&CK, PCI-DSS, etc.)
• Strong technical knowledge of adversarial TTPs, exploitation, and lateral movement
• Ability to work independently and lead engagements with minimal oversight
• Demonstrated ability to communicate complex technical issues clearly to both technical and non-technical audiences
• Relevant certifications such as OSCP, GPEN, GWAPT, OSWE, eWPTX (or equivalent)
• Bachelor's degree in Computer Science, IT, Cybersecurity, or related field
• Authorized to work in Mexico
• Only Resumes in English will be considered

• Active engagement in penetration testing communities (e.g., HackTheBox rank Hacker+)
• Certifications such as OSEP, OSCE, CRTP, CRTE, PACES, GXPN, etc.
• Prior consulting experience and comfort in client-facing delivery
• Published research, conference speaking, or open-source contributions

We are committed to creating an inclusive environment for our team with unquestioned integrity. If you have a special need that requires accommodation, please let your recruiter know. One of our core values is "People with Personality" and we want to allow you the space to bring your full self to work.

• Access to private medical insurance through MetLife
• Life insurance policy via MetLife
• 30-day Christmas bonus and a monthly technology stipend
• Contribution of 8% of the employee's salary to a savings fund
• Flexible vacation policy that allows you to manage your schedule and rest and recharge when you need to
• Family-friendly benefits, including 16 weeks off for maternity leave, 8 weeks off for non-birthing parent leave, and employer-paid short-term and long-term disability
• Support for individual development through certifications, continued learning, conferences, and more

We value a diverse workforce and a culture of inclusivity and belonging. All employment decisions shall be made without regard to age, race, creed, color, religion, gender, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Echelon Risk + Cyber is an Equal Opportunity Employer.