As an Offensive Security Engineer, you will strengthen our security posture by managing our Breach & Attack Simulation ecosystem and performing targeted Red Team assessments. You will simulate real-world attack scenarios, validate the effectiveness of security controls, and uncover detection gaps across our infrastructure. Working closely with Security Operations and Blue Teams, you will analyze logs, refine detection rules, and translate technical findings into clear, actionable recommendations. This role is ideal for someone who enjoys hands-on offensive work, deep technical problem-solving, and continuously exploring advanced attacker techniques.

Responsibilities

• Collaborate with cross-functional teams to enhance security hardening, working closely with Security Operations to improve security maturity & monitoring capabilities.
• Ensure the continuous availability and effectiveness of the Attack Simulation ecosystem across all networks. This includes architecting agent deployments, managing health checks, and troubleshooting complex connectivity issues in segmented environments.
• Assess the efficacy of security devices (Firewalls, WAFs, IPS/IDSs, EDRs, DLPs, Email Gateways, etc.) by simulating real-world attack vectors and analyzing their blocking/detection capabilities.
• Plan and conduct manual and semi-automated Red Team engagements, simulating an adversary starting from an internal compromise to test lateral movement, privilege escalation, and data exfiltration paths.
• Deep dive into OS (Windows/Linux) and Network layers to resolve agent-based issues, including debugging service failures, proxy authentication errors, SSL inspection conflicts, and GPO restrictions.
• Employ common testing frameworks in your projects, such as the MITRE ATT&CK framework.
• Translate complex technical findings into actionable insights for both technical teams and executive stakeholders, documenting detection gaps and remediation strategies.
• Collaborate closely with the Blue Team to analyze logs generated by simulations, identify visibility gaps, and develop new detection rules (Sigma, SPL, etc.).
• Document and catalog assessment findings.
• Research and replicate novel tactics, techniques, and procedures (TTPs) used by advanced threat actors (APTs).
• Develop, extend, or modify exploits, shellcode, and custom tools to automate specific assessment portions or bypass security controls when necessary.
• Maintain daily communication regarding project status with appropriate team members.

Expected Qualifications

• Experience: Minimum 4+ years of experience in Offensive Security, Penetration Testing, or Security Engineering roles.
• Penetration Testing: Strong proficiency in manual penetration testing methodologies beyond automated scanners.
• OS Expertise: Expert-level knowledge of Windows (Registry, Services, GPO, ACLs, Event Logs) and Linux (Systemd, Bash, Kernel capabilities) to troubleshoot agent deployment and persistence issues in hardened environments.
• BAS & Red Teaming: Proven experience in both managing Breach & Attack Simulation (BAS) platforms (maintaining infrastructure, agents, and policies) and executing manual Red Teaming operations.
• Network Knowledge: Solid understanding of stateful network operations. Ability to diagnose connectivity issues involving Proxies (Auth/No-Auth), SSL/TLS Inspection (Man-in-the-Middle), Firewalls, and DNS using packet analysis tools (Wireshark, tcpdump).
• Evasion Techniques: Deep understanding of how security controls (EDR, WAF, IPS) function and how to test/bypass them. Experience with evasion techniques (e.g., AMSI bypass, unhooking, obfuscation) is critical.
• Post-Exploitation: Strong capability in post-exploitation tradecraft, including Active Directory attacks (Kerberoasting, DCSync), Lateral Movement (Pass-the-Hash/Ticket), and C2 framework operations.
• Cloud & Containers: Experience with cloud environments (GCP, AWS) and container orchestration (Kubernetes) security assessments.
• Blue Team Perspective: Ability to analyze SIEM logs and understand "what the Blue Team sees" during an attack.
• Agile Management: Proficiency in Agile sprint cycles and management.
• AI Aptitude: Aptitude for AI projects and workflows.
• Certifications: Relevant certifications such as OSCP, OSEP, CRTO, CRTL, or vendor-specific attack simulation certifications are a big plus.
• Community Contribution: Experience contributing to the security or privacy community (public research, blogging, presentations, bug bounties, CVEs, etc.) is highly valued.
• Soft Skills: An Agile-minded team player with excellent communication skills. Ability to translate technical concepts into language understood by software engineers and executive stakeholders.
• Mindset: Eagerness for self-improvement, open-mindedness, and a future-oriented approach.
• Language: Good command of written and spoken English.

- Hybrid working model with flexibility: a schedule that helps you find the right balance between flexibility and team bonding, including work-from-abroad opportunities and a summer working model.

- Customisable FlexBenefits budget: Adjust your daily meal allowance, choose your health insurance package (and extend it to your spouse or children), and pick from additional benefits like fuel support or Trendyol shopping credits.

- Well-being support: Access to location-based in-house doctors, as well as psychologist and dietitian support, and HPV vaccination provision.

- Personalised training allowance and learning opportunities: Use your annual budget for any training or conference of your choice, explore our Learning Management System (LMS) anytime, and join in-person learning sessions offered throughout the year.

- Responsibility from day one: Take full ownership from the start in a culture where every voice is heard and valued.

- A diverse, international team: Collaborate with global peers across our offices in Berlin, Amsterdam, Dubai, and beyond, in a startup-spirited and collaborative environment.

- Opportunities to grow with the best: Tackle meaningful challenges, develop through hands-on experience, and grow with the support of expert guidance and global mentoring.

- Meaningful connections beyond tasks: Be part of team rituals, events, and social activities that help us stay connected and inspired.

If this role excites you, apply today, we look forward to taking the next step with you.