Offensive Security Engineer

Why this role matters

The mission of the Red Team is to design and emulate advanced real-world adversaries in order to identify emerging threats and critical security gaps before attackers do. As an Offensive Security Engineer, the role contributes to strengthening the resilience of Exness by performing offensive security activities, helping protect the Exness.

What you'll actually do

Penetration Testing

• Responsible for performing targeted penetration testing activities to identify vulnerabilities in systems, applications, and infrastructure. This includes validating security controls, documenting findings, and providing actionable recommendations for remediation

Offensive Tool Creation

• Responsible for developing and maintaining offensive security tools to support Red Team operations. This includes creating custom utilities, modifying existing tools, and adapting capabilities to simulate realistic adversary techniques

Automation

• Responsible for automating security testing and operational processes using scripting languages. This includes building scripts and workflows to improve efficiency, scalability, and repeatability of Red Team activities

Who we’re looking for

• Relevant Certifications in OSCP, CPTS, CRTO
• 2+ years of professional experience in Offensive Security activities
• Reconnaissance & Enumeration
• Password Attacks
• Privilege Escalation
• Active Directory Security
• Windows, Linux, MacOS Security Protections knowledge
• Container Attacks
• AWS, Azure, GCP Attacks
• Professional behaviour: Acts respectfully and ethically during Red Team activities, ensuring exercises remain constructive and professional.
• Team player : Collaborates effectively with team members and other security teams to achieve common goals.
• Attacker mindset: Thinks like a real adversary to identify weaknesses and exploit potential attack paths.
• Think “outside the box”: Approaches problems creatively to discover unconventional attack vectors and solutions

What your journey looks like

1. Intro call with Recruiter (30 minutes)
2. Technical interview (90 minutes)
3. Final interview (60 minutes)

Please use your exness work email for internal applications and ensure to disclose any existing Conflict of Interest you may have.