Address
304 North Cardinal St.
Dorchester Center, MA 02124

Work Hours
Monday to Friday: 7AM - 7PM
Weekend: 10AM - 5PM

Offensive Security Engineer

Closing on: Jun 30, 2025

📍 Location: Remote / Global

Key Responsibilities
  • Perform penetration testing, ethical hacking, and security assessments across web applications, internal/external networks, cloud infrastructure (AWS, Azure, GCP), and enterprise environments.
  • Identify and exploit vulnerabilities such as SQL Injection (SQLi), Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), Remote Code Execution (RCE), and Insecure Direct Object References (IDOR).
  • Conduct network security testing, including port scanning, vulnerability analysis, privilege escalation, and Active Directory (AD) exploitation.
  • Create or modify custom exploits, scripts, or tools for advanced testing and automation.
  • Execute post-exploitation techniques including persistence, lateral movement, and credential access.
  • Generate comprehensive security reports detailing risks, technical findings, and remediation recommendations.
  • Stay up to date with the latest zero-day vulnerabilities, cloud attack vectors, and emerging threats.
  • Collaborate with blue teams and threat detection engineers to improve security monitoring and incident response.
Requirements & Skills
  • Proven hands-on experience in offensive security, penetration testing, or red teaming.
  • Strong knowledge of security frameworks and methodologies: OSSTMM, OWASP Top 10, PTES, MITRE ATT&CK, NIST, CIS Benchmarks.
  • Proficient in tools such as: Burp Suite, Nmap, Metasploit, Wireshark, Nessus, Acunetix, Kali Linux, BloodHound, PowerShell Empire.
  • Experience in cloud security assessments (AWS, Azure, GCP).
  • Skilled in scripting languages such as Python, Bash, PowerShell, JavaScript, or C for automation and exploit development.
  • Familiar with Active Directory attacks, Kerberoasting, Pass-the-Hash, Mimikatz, token impersonation, etc.
  • Bonus: Knowledge of exploit development, reverse engineering, and malware analysis.

Keywords:
offensive security engineer, penetration tester, ethical hacker, red team engineer, web application security tester, exploit developer, security researcher, vulnerability analyst, application security engineer, security consultant, bug bounty hunter, security analyst, network penetration tester, cloud security engineer, malware analyst, threat emulation specialist, cybersecurity engineer, cyber security

How to Apply?
If you’re an experienced, we’d love to hear from you! Submit your CV

Job Category: IT Development
Job Type: Remote

Apply for this position

Allowed Type(s): .pdf, .doc, .docx