76 to 100 of 148 Offensive Security Jobs

Responsibilities & Qualifications RESPONSIBILITIES Plan, execute, and document full-scope penetration tests and adversary emulation exercises. Develop, modify, and utilize offensive security tools such as Metasploit, NMAP, Kali Linux, and Cobalt Strike. Mimic threat actor behavior using TTPs aligned with frameworks like MITRE ATT&CK. Conduct assessments across multiple operating systems including Linux, Windows, and macOS. Perform exploit development … and identify zero-day or previously unknown vulnerabilities. Analyze, identify, and remediate gaps in offensive tools and Red Team methodologies. Perform scripting and programming tasks in support of custom exploit development and automation. Work collaboratively with Blue Team, tool developers, and RMF personnel to enhance overall cyber posture. REQUIRED QUALIFICATIONS Experience: Minimum of 7 years of full-time professional … experience in each of the following: Conducting penetration testing or offensive cyber operations. Developing and using tools such as Metasploit, NMAP, Kali Linux, and Cobalt Strike. Mimicking threat behavior and adversary simulation. Working across Linux, Windows, and macOS environments. Utilizing and exploiting Active Directory infrastructures. Performing exploit development and identifying tool gaps. Programming in at least two languages (e.g. More ❯

Responsibilities & Qualifications RESPONSIBILITIES Lead and execute complex Red Team penetration tests and cyber adversary emulation operations. Design, develop, and employ offensive tools using platforms such as Metasploit, NMAP, Kali Linux, and Cobalt Strike. Emulate threat actor TTPs based on MITRE ATT&CK, APT profiles, and emerging threat intelligence. Conduct assessments and attacks across various platforms, including Linux, Windows, and … macOS. Exploit and manipulate Active Directory environments to assess internal and external threat postures. Perform exploit development and vulnerability research to identify and validate security flaws. Identify limitations in existing toolsets and develop custom techniques to improve effectiveness and stealth. Script and develop tools in at least three programming/scripting languages, such as Python, C++, Java, Rust, Assembly … document findings and support remediation strategies. REQUIRED QUALIFICATIONS Experience: Minimum of 10 years of full-time professional experience in Red Team operations and penetration testing, including: Developing and leveraging offensive tools such as Metasploit, NMAP, Kali Linux, and Cobalt Strike. Simulating adversary behavior and TTPs. Operating across Linux, Windows, and macOS environments. Utilizing and exploiting Active Directory infrastructures. Performing More ❯

CHIEF INFORMATION SECURITY OFFICER - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, driven by our new generation benchmark delivering solutions through innovation with uncompromising … agility. JOB DESCRIPTION: The oversight requires a sophisticated operating model that allows for a stronger security posture centralized in a Security Operations Center (SOC). This role will oversee global operations with a unified management of API calls, space exploration & navigation, and integrate various tools into our systems of record to view interactions from a holistic risk management … Introducing new risk management techniques will undergo formal approval by the Change Approval Board (C.A.B). The role will also involve micromanaging cybersecurity engineers, penetration testing engineers, and other security personnel, ensuring compliance with NIST cybersecurity framework and DoD requirements. PHYSICAL DEMANDS: This position requires the ability to communicate and exchange information, utilizing necessary equipment to perform the job. More ❯

We are watchTowr, a VC-backed cyber security startup helping organisations continuously discover vulnerabilities in their Internet-facing attack surface. Cyber security veterans and technical experts, we are obsessed with building cybersecurity technology to help prevent breaches. With experience informed by years of simulating sophisticated cyber attacks against some of the world's largest organisations, our mission is … breaches. We are in a high and aggressive growth phase of our journey and are excited to continue adding colleagues to join our phorce of nature. Our vision for offensive security is continuous. But what's the role? We are seeking an ambitious Information Security Engineer to join our Platforms team to focus on our internal security programme. Sounds great-what will I do? This role involves: Security Architecture in the Cloud : Designing and implementing secure cloud infrastructures, ensuring robust protection against potential threats. Endpoint Management and Administration : Overseeing the deployment, configuration, and maintenance of endpoint security solutions to safeguard all devices within the organisation. Vulnerability Assessment and Management : Conducting regular vulnerability assessments, analysing More ❯

a Data Analyst to design, develop, and implement data-driven solutions to enhance cybersecurity operations, leveraging data analytics, visualization, and observability techniques to improve threat detection, incident response, and security posture. This role requires designing and developing data pipelines and architectures to ingest, process, and analyze large datasets from various cybersecurity sources, as well as developing and implementing data … visualization and dashboarding solutions to provide real-time insights and situational awareness to cybersecurity analysts and stakeholders. The Data Analyst shall utilize the GISA Governance Board determined Security Information and Event Management (SIEM) solution, which as of January 2025 is transitioning from Splunk to a new architecture based on Elastic, Logstash, and Kibana (ELK), leveraging Cribl as a data … broker to streamline and optimize data ingestion and processing. Additionally, the role involves implementing machine learning and anomaly detection models to identify potential security threats and improve incident response, developing and maintaining data quality and integrity, and collaborating with cybersecurity teams to integrate data-driven solutions with existing security tools and systems. The Data Analyst must stay up More ❯

and defensive countermeasures. • Contribute to the development of threat intelligence products, technical reports, and briefings for senior government officials and technical stakeholders. • Stay abreast of the latest trends in offensive security research, reverse engineering tools and techniques, and emerging exploit methodologies. Qualifications: • Bachelor's degree in computer science, Engineering, or a related field (master's degree preferred). … .o Network protocols and analysis tools (e.g., Wireshark, tcpdump). Strong understanding of operating systems internals (Windows, Linux, RTOS). Experience with exploit development techniques, shellcode writing, and bypassing security mitigations. Excellent written and verbal communication skills, with the ability to effectively convey complex technical findings to both technical and non-technical audiences. Desired Qualifications: • Experience with vulnerability disclosure … processes and responsible disclosure practices. • Contributions to open-source security tools or research publications. • Relevant industry certifications (e.g., OSCP, OSCE, GPEN, GXPN, GREM). Clearance: Active Top Secret/SCI required. Strategic Analysis, Inc. is an Equal Opportunity employer and is committed to non-discrimination in employment. All qualified applicants will receive consideration for employment without regard to race More ❯

Coordinates software system installations and monitors equipment functioning to ensure specifications are met Qualifications Top Secret Clearance. U.S. Citizenship Required for the purposes of obtaining/holding a U.S. security clearance Bachelor's degree and 8-10 years of related work experience reverse engineering, cybersecurity, or software development roles, with significant exposure to advanced reverse engineering activities. Minimum of … three (3) years of experience working in Agile environments, preferably in roles involving project management or leadership responsibilities. Certified Reverse Engineering Analyst (CREA), Offensive Security Certified Professional (OSCP), or similar certifications demonstrating expertise in reverse engineering and cybersecurity are highly desirable. Experience using industry standard RE tools (IDA Pro, Ghidra, JEB, Hopper) to determine how closed-source software More ❯

or more of the programming/scripting languages listed under required skills. • Certifications (e.g., GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Python Coder (GPYC), GIAC Certified Unix Security Administrator (GCWN), Offensive Security Exploit Developer Global InfoTek, Inc. is an equal-opportunity employer. All qualified applicants will receive consideration for employment regardless of race, color, religion More ❯

Our client is seeking a Senior Penetration Tester to join their growing security team. This is a unique opportunity to work a genuine 4-day week (no compressed hours) -giving you 79 extra days off a year -while focusing on high-quality, service-led testing and client relationships. This isn't your typical offensive security role. You … a technical advisor in pre-sales , helping scope work and educate internal sales teams on testing services. Build strong client relationships, translating technical findings into clear, actionable recommendations. Champion security best practices and support remediation discussions. Mentor junior testers and contribute to continuous service improvement. Requirements CREST Registered Tester or equivalent (e.g., OSCP with CREST equivalency). 4 years More ❯

and fast-moving, delivering a comprehensive range of professional services and managed services both onsite and remotely. The Cyber Practice consists of highly skilled professionals delivering a myriad of offensive security testing and governance, risk, and compliance (GRC) services in support of Claranet’s vision. Taking a customer first approach, Claranet’s Cyber Practice prides itself in providing … Support cross-function engagement to facilitate effective communication and collaboration between relevant stakeholders to help Claranet meet its vision Essential Duties and Responsibilities Support GRC Team members delivering Cyber Security GRC services Perform research as directed by team leader/manager in support of Cyber Security GRC services As necessary, create and maintain documentation supporting the delivery of … Cyber Security GRC services Interact professionally with customers across a variety of channels, ensuring timely progression of projects and the ongoing development of longstanding trust-based customer relationships Regular management of team mailboxes, requiring timely responses to customer contact Conduct customer meetings with regards to advisory information Understand technical terms and have a willingness to learn on the job More ❯

Head of Offensive Security Consulting, Europe | Client Facing/Security | Global Security SaaS I've partnered with one of the most exciting upcoming global security SaaS companies who are looking for a Head of Offensive Security Consulting for their Europe region. Their product specialises in attack surface management and automated red teaming. It … managing three internal European based teams. On the client side, you'll be the most senior technical individual representing the company so you'll need a strong background in security, ideally offensive security (red teaming/pen testing). You'll be liaising directly with Fortune500/Global Banks & Insurance companies (typically speaking to CISOs), understanding their … it is more man management and pointing fingers rather than getting in the mix of it. What's in it for you? Working closely with colleagues who LOVE everything security/product Opportunity to be constantly speaking to security leaders at enterprise organisations Grow with a growing company and be an established leader and lead offensive security More ❯

Head of Offensive Security Consulting, Europe | Client Facing/Security | Global Security SaaS I've partnered with one of the most exciting upcoming global security SaaS companies who are looking for a Head of Offensive Security Consulting for their Europe region. Their product specialises in attack surface management and automated red teaming. It … managing three internal European based teams. On the client side, you'll be the most senior technical individual representing the company so you'll need a strong background in security, ideally offensive security (red teaming/pen testing). You'll be liaising directly with Fortune500/Global Banks & Insurance companies (typically speaking to CISOs), understanding their … it is more man management and pointing fingers rather than getting in the mix of it. What's in it for you? Working closely with colleagues who LOVE everything security/product Opportunity to be constantly speaking to security leaders at enterprise organisations Grow with a growing company and be an established leader and lead offensive security More ❯

This position is contingent upon funding with an expected start date of December 2025 Top Secret/SCI Clearance required SRG is seeking a Red Team Offensive Tool Developer, you will support a Department of the Navy (DoN) customer onsite daily in Virginia Beach, VA. Be responsible for supporting Red Team/Penetration test engagements with exploit and tool … development for the U.S. Government and DoD systems and be able to identify gaps in tools and development techniques. On-site only, no telework. Develop, modify, and utilize offensive security tools such as Metasploit, NMAP, Kali Linux, and Cobalt Strike Mimic threat actor behavior using Tactics, Techniques and Procedures (TTPs) aligned with frameworks like MITRE ATT&CK Conduct … assessments across multiple operating systems including Linux, Windows, and macOS Perform exploit development and identify zero-day or previously unknown vulnerabilities Analyze, identify, and remediate gaps in offensive tools and development techniques Perform development with at least two scripting or programming languages (Python, C+, Java, Rust, Assembly, C#, etc.) in support of exploit development Education: Bachelor's degree in More ❯

Role: Offensive Security Specialist Type: Permanent Location: Remote (UK) Clearance: Eligible for SC Interested in getting away from the grind of endless similar penetration tests? Keen to stretch yourself into a more managerial role over time, building up a capability around you? We are working with a leading security services provider who are in the process of … standing up their Offensive Security capability. The work will be focused on providing services such as Web App testing, Infrastructure testing and Code Review services to clients whilst also looking at how to develop that side of the company further. This role has a unique blend of hands on, technical work that would suit someone looking for something … a bit different from either just doing technical tests forever or moving away from the keyboard fully. Key Responsibilities: •Work to develop the Offensive Security capability for the organisation into a market leading function •Customer engagement, through the scoping process, tool selection and overall delivery •Run and take ownership of services such as Vulnerability Assessments, Code Review and More ❯

Role: Offensive Security Specialist Type: Permanent Location: Remote (UK) Clearance: Eligible for SC Interested in getting away from the grind of endless similar penetration tests? Keen to stretch yourself into a more managerial role over time, building up a capability around you? We are working with a leading security services provider who are in the process of … standing up their Offensive Security capability. The work will be focused on providing services such as Web App testing, Infrastructure testing and Code Review services to clients whilst also looking at how to develop that side of the company further. This role has a unique blend of hands on, technical work that would suit someone looking for something … a bit different from either just doing technical tests forever or moving away from the keyboard fully. Key Responsibilities: •Work to develop the Offensive Security capability for the organisation into a market leading function •Customer engagement, through the scoping process, tool selection and overall delivery •Run and take ownership of services such as Vulnerability Assessments, Code Review and More ❯

Description The Offensive Security Manager is responsible for the provision of penetration & red team testing services to the business, including leading teams, creating processes, and management of technologies & 3rd parties that make up the service. The role reports to the Director of Offensive Security. The position does not need to be filled by a hands-on penetration …/red tester, as organizational, leadership, relationship and supplier management skills are the key focuses of the role but will need to have a good understanding of security vulnerabilities and testing methodology to be able to understand the subject matter of the service and manage quality. The role will work closely alongside the rest of the Cyber Team (e.g. … Vulnerability Management), the wider Information & Cyber Security function (e.g. Project Assurance) and leaders in operational IT teams to ensure accurate detection, and the prioritized, timely and appropriate resolution of security vulnerabilities. We are looking for a collaborative team player, with a good technical knowledge and the ability to lead others and experience working with 3rd party service providers. More ❯

Sr. Security Engineer, AppSec - Amazon Stores Security Job ID: Amazon Development Centre (London) Limited At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the … pipelines, from leading-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe's largest AWS deployment. As a Senior Security Engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day, you might be inspecting an … application's code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service alongside its software developers. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with More ❯

Cyber Security Analyst Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people … are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on Cyber Security Analyst joining our team to support the Defense Threat Reduction Agency (DTRA), Nuclear Enterprise Support Directorate (NE), Mission Assurance Department (MA) supporting DTRA's Strategic Objective to Assess vulnerabilities and Identify Risk to … Task Critical Assets and Missions, and its mission-essential task to Support Force Protection/Mission Assurance. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT Performs forensic analysis of digital information and gathers and handles evidence. Identifies network computer intrusion evidence and perpetrators What You'll Need to Succeed: Special requirements: Professional Certification(s) required for this position More ❯

We're Hiring: Security Consultant Ready to break things (ethically) and make the digital world safer? We're on the hunt for a Security Consultant to join our top-tier cyber team! What you'll do: Penetration testing & red teaming across on-prem, cloud & hybrid Hack into AD, Entra ID (Azure AD), AWS, GCP, and more Work with … remediation teams to fix real-world issues Help shape our tools & testing methods Collaborate, share, and grow with a supportive team What we're looking for: Proven offensive security skills Strong knowledge of AD & cloud platforms Curiosity and willingness to learn beyond your comfort zone Ideally working towards, or already hold CSTM or CRT Why Sapphire? Cutting-edge … projects Inclusive culture Real impact on client security Apply now and make cyber safer with us! Sapphire is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. More ❯

We're Hiring: Security Consultant Ready to break things (ethically) and make the digital world safer? We're on the hunt for a Security Consultant to join our top-tier cyber team! What you'll do: Penetration testing & red teaming across on-prem, cloud & hybrid Hack into AD, Entra ID (Azure AD), AWS, GCP, and more Work with … remediation teams to fix real-world issues Help shape our tools & testing methods Collaborate, share, and grow with a supportive team What we're looking for: Proven offensive security skills Strong knowledge of AD & cloud platforms Curiosity and willingness to learn beyond your comfort zone Ideally working towards, or already hold CSTM or CRT Why Sapphire? Cutting-edge … projects Inclusive culture Real impact on client security Apply now and make cyber safer with us! Sapphire is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. More ❯

We're Hiring: Security Consultant Ready to break things (ethically) and make the digital world safer? We're on the hunt for a Security Consultant to join our top-tier cyber team! What you'll do: Penetration testing & red teaming across on-prem, cloud & hybrid Hack into AD, Entra ID (Azure AD), AWS, GCP, and more Work with … remediation teams to fix real-world issues Help shape our tools & testing methods Collaborate, share, and grow with a supportive team What we're looking for: Proven offensive security skills Strong knowledge of AD & cloud platforms Curiosity and willingness to learn beyond your comfort zone Ideally working towards, or already hold CSTM or CRT Why Sapphire? Cutting-edge … projects Inclusive culture Real impact on client security Apply now and make cyber safer with us! Sapphire is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. More ❯

We're Hiring: Security Consultant Ready to break things (ethically) and make the digital world safer? We're on the hunt for a Security Consultant to join our top-tier cyber team! 💻💥 What you'll do: 🔍 Penetration testing & red teaming across on-prem, cloud & hybrid ☁️ Hack into AD, Entra ID (Azure AD), AWS, GCP, and more 🛠️ Work with … remediation teams to fix real-world issues 📈 Help shape our tools & testing methods 🤝 Collaborate, share, and grow with a supportive team What we're looking for: 🎯 Proven offensive security skills 🌐 Strong knowledge of AD & cloud platforms 🧠 Curiosity and willingness to learn beyond your comfort zone 🎓 Ideally working towards, or already hold CSTM or CRT Why Sapphire? ✅ Cutting-edge … projects ✅ Inclusive culture 🌈 ✅ Real impact on client security Apply now and make cyber safer with us! Sapphire is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. More ❯

of Defense client to create new and innovative tools for Operators to use during assessments of critical DoD and U.S. Government networks. Successful candidates will be passionate about supporting offensive cyber operations and customized tools for post-exploitation capabilities. The position is mostly Remote, however, there will be an occasional need to meet on-site at Fort Belvoir, VA … in a style that is conducive to discrete unit tests. - Occasional meetings will be required onsite at Ft. Belvoir. Candidates must live within a commutable distance. Experience: - Proficient in offensive capability development for Windows environments - Proficient in C and C# and BOFs - Experience working in an agile/scrum environment - Ability and willingness to complete client technical aptitude test … cyber incident response, cyber-criminal investigation, intrusion detection/analysis, designing countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities, cyber red teaming, network penetration testing, security operations center analysis, defensive cyber operations, or offensive cyber operations. (desired, not required) - Experience in malware development, analysis, binary disassembly, binary decomplication, network/communication protocol analysis, software More ❯

actively hiring Senior Cyber Intelligence Analyst to join our team supporting highly classified Program in Saratoga Springs Utah. The selected candidates will leverage a Senior level knowledge of Cyber Security, Intelligence and Networks, to identifying and combat cyber threats in defense of the nation's most valuable networks. The selected candidates must have a minimum of a CI Polygraph … as an understanding of encryption and VPN, and VPS. - Experience identifying, tracking, exploiting or defending, digital network vulnerabilities Certifications (Preferred) Certified Ethical Hacker (CEH) GIAC Certified Intrusion Analyst (GCIA) Offensive Security Certified Professional (OSCP) CompTIA Security+ or CySA+ Salary will be based on candidates level of experience, expertise, and Clearance. For Fullscope Polygraph candidates, we expect to pay More ❯

actively hiring Senior Cyber Intelligence Analyst to join our team supporting highly classified Program in Saratoga Springs Utah. The selected candidates will leverage a Senior level knowledge of Cyber Security, Intelligence and Networks, to identifying and combat cyber threats in defense of the nation's most valuable networks. The selected candidates must have a minimum of a CI Polygraph … as an understanding of encryption and VPN, and VPS. - Experience identifying, tracking, exploiting or defending, digital network vulnerabilities Certifications (Preferred) Certified Ethical Hacker (CEH) GIAC Certified Intrusion Analyst (GCIA) Offensive Security Certified Professional (OSCP) CompTIA Security+ or CySA+ Salary will be based on candidates level of experience and expertise, but we expect to pay 150K+ for this role. More ❯