Red Team Tech Lead

Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort.

The Picus Security Validation Platform easily reaches across on-prem environments, hybrid clouds and endpoints coupled with Numi AI to provide exposure validation.

The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 98% recommendation in Gartner Peer Review.

As a Red Team Tech Lead, you’ll lead the development of automated penetration testing capabilities, focusing on real-world attack simulations, evasion techniques, and endpoint security challenges. The role combines deep technical expertise in offensive security with cross-functional collaboration to drive innovation and align with customer needs.

Picus is headquartered in Ankara, with a regional office in Istanbul, but our team is remote across Türkiye. Please note that all CVs must be submitted in English.

• Provide technical leadership to an automated penetration testing-focused team.
• Design automated penetration testing scenarios targeting operating systems and the Domain Infrastructures.
• Develop evasive offensive tools to simulate real-world adversarial tactics and techniques in users' environments.
• Conduct research on AI-powered automated attack simulation capabilities and create Proof of Concepts.
• Solve complex technical challenges related to endpoint security products, including evasion, analysis, and compatibility issues.
• Collaborate with Picus Product Management and Field Team to align offensive capabilities with customer needs and use cases.

• Proven experience in offensive tool development in low-level programming languages.
• Strong hands‑on expertise in evasion techniques.
• Deep understanding of OS Internals (Windows/Linux/MacOS) and Active Directory environments.
• Eagerness to grow in offensive tooling development and post‑exploitation techniques.
• Contributions to the offensive security community, such as open-source projects or vulnerability advisories, will be a plus.
• Experience with exploit development and vulnerability research is a strong plus.
• Strong debugging and reverse engineering skills are a strong plus.
• Proficiency in both written and spoken English.

Fascinating work - a chance to shape and lead an exciting, fast-growing cyber security segment. Security Validation is a concept that helps organizations evaluate their security posture in a continuous, automated, and repeatable way. This approach allows for the identification of imminent threats, provides recommended actions, and produces valuable metrics about cyber‑risk levels.

Unlimited opportunity! We are growing. At Picus, you'll be provided with as much responsibility as you can handle - new career development opportunities constantly arise given our rate of growth.

Global exposure - Get a lot of experience working not only in a fast-growing startup but also interact with customers all around the world.

Be part of a global remote team who is taking on Exposure Validation and a growing market segment.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, sex, race, color, national origin, religious belief, gender or gender reassignment, sexual orientation, marriage or civil partnership, pregnancy and maternity, disability, protected veteran status, or any other characteristic protected by International law. Upon conditional offer of employment, candidates are required to complete reference and identity checks in line with local labor laws and as per the Company’s employment policy.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.