CrawlJobs Logo

Offensive Security Specialist

· Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

Deel is seeking a highly skilled Offensive Security Specialist with deep experience in web, mobile, network, infrastructure, and cloud penetration testing, as well as designing and executing end-to-end red and purple team engagements. In this role, you will craft and execute offensive security initiatives that continually challenge our defenses. This role isn't your typical penetration testing job - it's an opportunity to engage broadly and deeply, devise innovative attack emulations, work in close partnership with the blue team, engineering, and influence strategic security improvements across the organization. The primary focus of this position is on continuously testing the security of our products. These systems are high-value targets because they are rapidly evolving and present large, diverse attack surfaces. You will play a crucial role in securing our web and mobile applications by hunting vulnerabilities that emerge from the complex interactions between applications and the infrastructure that powers them. You'll have the chance to not only find vulnerabilities, but also actively drive their remediation, automate offensive techniques using cutting-edge technologies, and leverage your unique attacker perspective to shape our security strategy.

Job Responsibility

  • Perform comprehensive penetration testing on our diverse suite of products and services to uncover security flaws before adversaries can exploit them
  • Design and execute adversary emulation engagements aligned with the MITRE ATT&CK framework and real-world tactics, techniques, and procedures (TTPs) to ensure our simulations mirror actual threat actors
  • Continuously hunt for vulnerabilities across our web and mobile applications, as well as within our underlying infrastructure and cloud environments, proactively identifying security vulnerabilities
  • Perform specialized penetration testing on AI-based systems and platforms, evaluating the security of machine learning applications and related technologies for novel vulnerabilities
  • Conduct targeted cyber threat intelligence research to inform offensive operations, ensuring that red team scenarios are based on current and relevant threat actor behaviors and support investigations
  • Design and execute phishing campaigns and other social engineering exercises to test and improve organizational awareness and resilience against human-focused attacks
  • Develop custom exploits, tools, and automation to enhance red team operations, enabling more efficient and stealthy attack simulations and the ability to bypass advanced security controls
  • Conduct purple team operations that simulate realistic attack scenarios to test our organization’s detection and response capabilities
  • Partner with defensive security and engineering teams to translate findings into measurable security improvements - Enhancing detection, response, and mitigation capabilities
  • driving timely remediation through robust fixes and delivering clear, actionable communications that articulate risk, impact, and required change
  • Influence the organization’s security strategy by providing attacker-minded insight into risk assessment and threat modeling, helping to reprioritize security initiatives based on real-world attack trends
  • Contribute to the continuous improvement of the offensive security program, refining our red team methodologies, playbooks, and tools, and mentoring others in advanced attack techniques

Requirements

  • 5+ years of hands-on experience in Red Teaming, Offensive Security, or Penetration Testing (or exceptional accomplishments that demonstrate equivalent expertise)
  • Deep expertise in offensive security operations within modern and cutting-edge technology environments, with a history of simulating sophisticated threats against complex systems
  • Experience designing, developing, or assessing the security of a wide range of systems, including web and mobile applications, network and cloud infrastructure, microservices, and AI-powered platforms
  • Demonstrated mastery in evaluating complex technology stacks, including containerized and Kubernetes environments, CI/CD pipelines, various operating systems, cutting-edge technologies, and AI-powered platforms and systems
  • Strong understanding of trust boundaries and dynamic risk assessment, with the intuition to identify where security assumptions break down in complex, evolving architectures
  • Coding and scripting skills, with the ability to develop robust custom tools and automation to support offensive operations
  • Ability to communicate complex technical concepts to diverse audiences effectively, including through compelling storytelling and narrative techniques to convey the implications of security issues
  • Proven track record of not only discovering critical vulnerabilities but also driving their remediation, contributing fixes or mitigation strategies in complex codebases

Nice to have

  • Prior experience in fast-paced technology environments, demonstrating adaptability and broad exposure to modern development practices, including cutting-edge technology
  • Ability to learn and adapt quickly to new languages, frameworks, and technologies, staying effective in ever-changing technical landscapes
  • Experience supporting security incident investigations and contributing threat intelligence insights, showing an ability to connect offensive findings to real-world threats and inform defensive strategies
  • Strong communication skills with the ability to translate technical findings into business risks, effectively articulating why a vulnerability matters in terms of impact and urgency
  • Familiarity with AI systems and their security considerations, or a background in AI/machine learning, is a plus given our use of advanced AI technologies
  • Relevant security certifications (e.g., OSCP, OSCE, OSEP, GIAC GPEN/GXPN, etc.) are a plus, indicating a solid foundational knowledge and commitment to the offensive security field

What we offer

  • Stock grant opportunities dependent on your role, employment status and location
  • Additional perks and benefits based on your employment status and country
  • The flexibility of remote work, including optional WeWork access

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Offensive Security Specialist

8 matching positions

Senior Security Specialist / Penetration Tester

A globally renowned Investment Manager is making a rare Senior Cyber Security hi...
Location
Location
United Arab Emirates , Dubai
Salary
Salary:
Not provided
weareorbis.com Logo
Orbis Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years’ commercial Penetration testing experience covering Web, APIs, Cloud and Infrastructure
  • Experience working with Financial Services or Professional Services organisations
  • Strong scripting / automation experience, ideally ideally Python, PowerShell or similar
  • Experience and keen interest in applying AI to cybersecurity workflows
  • Relevant offensive security certifications such as OSCP, OSWE and CRTO
Job Responsibility
Job Responsibility
  • Advanced penetration testing across Web, APIs, Cloud and IT Infrastructure, including post-exploitation analysis, remediation validation and continuous improvement of testing methodologies
  • Contribute to secure architecture across cloud-native and on-premise environments, including threat modelling, zero trust controls, defence-in-depth design and security input into major system decisions
  • Embed security into engineering workflows by integrating SAST, DAST, SCA and IaC scanning into CI/CD pipelines, while developing scripts, tooling and automation to scale security testing and control validation
  • Fulltime
Read More
Arrow Right

Senior Consulting Director, Offensive Security, Proactive Services (Unit 42)

The Senior Consulting Director, Offensive Security will lead a team of technical...
Location
Location
United States , California
Salary
Salary:
236000.00 - 275000.00 USD / Year
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree with 12 years of experience, Master's degree with 8 years of experience, or PhD with 5 years of experience in Information Security, Computer Science, Digital Forensics, Cyber Security, or a related field
  • Extensive experience managing a team of consultants in the execution of a variety of penetration testing requirements
  • Exceptional communication and interpersonal skills, with the ability to serve as a front-facing representative of Palo Alto Networks, building and maintaining strong relationships with clients and stakeholders
  • Proven ability to draft thorough, articulate reports that convey technically complex material to an executive-level audience, ensuring clear understanding and informed decision-making
  • Experience scoping new opportunities with prospective clients, including drafting statements of work and proposals
  • Hands-on experience and deep understanding of tools and techniques for conducting network, wireless, and web application penetration testing
  • Ability to perform travel requirements as needed to meet business demands (on average 30%)
Job Responsibility
Job Responsibility
  • Provide a direct positive influence on the security posture of the world's most prestigious organizations by leading Unit 42's elite group of cybersecurity professionals in a variety of assessments for our top-tier clientele
  • Orchestrate and manage a dynamic schedule for a large team of elite offensive security specialists, ensuring optimal alignment of skill sets to meet client needs and maximize usage of available billable hours
  • Serve as a mentor to a team of offensive security personnel, maximizing professional development by providing ad hoc technical guidance and aligning employees with appropriate industry-standard training courses
  • Craft policies governing offensive security practices which reflect cutting-edge capabilities of advanced persistent threat actors and enforce security best practices that ensure the safety of our client's environments
  • Fulfill a customer-facing case leadership role for multiple concurrent events, guiding a technically diverse team of personnel through the complex challenges posed by some of the world's largest networks
  • Ensure high quality engagement outcomes and deliverables by providing quality assurance and technical oversight during engagements
  • Provide hands-on support for highly complex offensive security operations, utilizing cutting-edge techniques in technically challenging environments
  • Provide front-line support to the sales team by meeting with clients to clearly articulate various penetration approaches and methodologies to both technical and executive audiences
  • Transform customer requirements into executable statements of work, including a work breakdown structure with accurate estimates of billable hours for each discrete phase of testing
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
  • Fulltime
Read More
Arrow Right

Artificial Intelligence Security Specialist EMEA

Citi, the leading global bank, has approximately 200 million customer accounts a...
Location
Location
United Kingdom , London; Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7+ years for Assistant Vice President (C12 Mid - Senior Level)
  • 8-10+ years for Vice President (C13 Senior - Lead/Staff Level)
  • 10+ years for Senior Vice President (C14 Lead/Staff - Principal Level)
  • Depth in at least one of AI/ML engineering, offensive security, detection engineering, software engineering, or security research
  • Hands-on LLM API experience (context management, tool use, evaluation, failure modes) for AI/ML Engineering
  • Agentic systems design
  • AI safety at the infrastructure level
  • Vulnerability research, exploit development, or pen testing with real depth for Cyber Security
  • Detection engineering for novel attack patterns
  • Threat modelling (STRIDE, ATT&CK)
Job Responsibility
Job Responsibility
  • Depends on team: Offensive Security & Vulnerability Management — AI-assisted pen testing at a scale previously impossible
  • Automated exploit validation
  • Bridge the gap from 'AI found a vulnerability' to 'the application team has a PR to fix it'
  • AI & Emerging Technology Security — Define how the bank deploys AI safely
  • Security architecture and assurance for new implementations
  • Building the next generation of AI-powered tools for CISO colleagues
  • Test new models at the cutting edge of creation and influence
  • Cyber Security AI Services — Own the AI products CISO depends on in production — security assurance, cyber security operations, governance and controls, vulnerability assessment
  • Keep them reliable, evolve them fast
  • Cyber Security Operations — Detection, triage, and response for a world where adversaries use AI to find and exploit vulnerabilities faster than traditional detection can keep up
What we offer
What we offer
  • Business casual workplace
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Fulltime
Read More
Arrow Right

Artificial Intelligence Security Specialist EMEA

Artificial Intelligence Security Specialist EMEA at Citi. Working at Citi is far...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on LLM API experience (context management, tool use, evaluation, failure modes)
  • Agentic systems design
  • AI safety at the infrastructure level, not just the prompt level
  • Vulnerability research, exploit development, or pen testing with real depth
  • Detection engineering for novel attack patterns
  • Threat modelling (STRIDE, ATT&CK)
  • Security architecture
  • You've built and operated production systems, not just prototypes
  • Strong Python and/or systems programming
  • Can digest dense technical research and turn it into actionable security recommendations
Job Responsibility
Job Responsibility
  • AI-driven vulnerability management
  • Security architecture for the AI era
  • Securing AI agents that can behave like insider threats
  • Offensive Security & Vulnerability Management — AI-assisted pen testing at a scale previously impossible
  • AI & Emerging Technology Security — Define how the bank deploys AI safely
  • Cyber Security AI Services — Own the AI products CISO depends on in production
  • Cyber Security Operations — Detection, triage, and response for a world where adversaries use AI
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Systems Engineer Technical Specialist (TD Support)

The Systems Engineer will support the Sponsor’s TD as a critical member of the t...
Location
Location
United States , Chantilly
Salary
Salary:
145200.96 - 234866.03 USD / Year
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess and be able to maintain a TS/SCI clearance with Polygraph
  • BS 10-12, MS 8-10, PhD 5-7 or equivalent experience Business, Computer Science, Information Systems, Engineering, or a scientific or technical discipline
  • Ability to develop well documented, actionable, measurable, testable, traceable requirements supporting Sponsor development activities
  • Demonstrated successful experience in applying critical thinking in analyzing Sponsor project and programs to identify technical risks that may impact successful delivery of the Sponsor developed capability
  • Demonstrated successful experience in development of Concept of Operations diagrams utilizing industry best practices through coordination with project stakeholders
  • Demonstrated successful experience forecasting technologies and products that are related to and would advance the Sponsors mission area
  • Demonstrated successful experience in providing independent assessment of projects relating to technical risk and providing suggestions for potential improvement on technical functionality
  • Demonstrated successful experience developing comprehensive project plans that transition cyber research concepts into mission ready capabilities
  • Demonstrated successful experience working with Test Teams to create ad hoc test cases to fully characterize developed offensive cyber capabilities
  • Demonstrated successful experience working with IC or DoD targeting officers to identify new opportunities to enable technical operations to include access, exfil, collection and covert action
Job Responsibility
Job Responsibility
  • The SE will review system architecture, design documentation, and security processes
  • Develop and administer requirements for cyber tools
  • Perform system assessment to support validation of information systems
  • Work with inter-agency partners to develop technical strategic plans and coordination of cyber strategies
  • Support operations governance
  • Stay abreast of emerging technologies across technical domains
  • Serve as a technical liaison between Divisions and Branches
  • Develop CONOPS documentation
What we offer
What we offer
  • Health Insurance
  • Life Insurance
  • Paid Time Off
  • Holiday Pay
  • Short Term and Long-Term Disability
  • Retirement and Savings
  • Learning and Development opportunities
  • wellness programs
  • Fulltime
Read More
Arrow Right

Systems Engineer Technical Specialist

Arcfield was purpose-built to protect the nation and its allies through innovati...
Location
Location
United States , Chantilly
Salary
Salary:
Not provided
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess and be able to maintain a TS/SCI clearance with Polygraph
  • BS 10-12, MS 8-10, PhD 5-7 or equivalent experience Business, Computer Science, Information Systems, Engineering, or a scientific or technical discipline
  • Ability to develop well documented, actionable, measurable, testable, traceable requirements supporting Sponsor development activities
  • Demonstrated successful experience in applying critical thinking in analyzing Sponsor project and programs to identify technical risks that may impact successful delivery of the Sponsor developed capability
  • Demonstrated successful experience in development of Concept of Operations diagrams utilizing industry best practices through coordination with project stakeholders
  • Demonstrated successful experience forecasting technologies and products that are related to and would advance the Sponsors mission area
  • Demonstrated successful experience in providing independent assessment of projects relating to technical risk and providing suggestions for potential improvement on technical functionality
  • Demonstrated successful experience developing comprehensive project plans that transition cyber research concepts into mission ready capabilities
  • Demonstrated successful experience working with Test Teams to create ad hoc test cases to fully characterize developed offensive cyber capabilities
  • Demonstrated successful experience working with IC or DoD targeting officers to identify new opportunities to enable technical operations to include access, exfil, collection and covert action
Job Responsibility
Job Responsibility
  • The Systems Engineer will support the Sponsor’s organization as a critical member of the team in the review of cyber systems
  • The candidate will be responsible for a wide range of duties including assessment, verification, and validation of information systems
  • The SE will review system architecture, design documentation, and security processes
  • Review network design documentation
  • Develop and administer requirements for cyber tools
  • Perform system assessment to support validation of information systems
  • Align the organization’s IT infrastructure, system, and technology strategies with business goals & objectives
  • Work with inter-agency partners to develop technical strategic plans and coordination of cyber strategies
  • Support operations governance
  • Stay abreast of emerging technologies across technical domains
  • Fulltime
Read More
Arrow Right

Vector Command Specialist

Rapid7 is hiring a Vector Command Specialist to act as a vital bridge between ou...
Location
Location
United States
Salary
Salary:
89300.00 - 120800.00 USD / Year
rapid7.com Logo
Rapid7
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Apply three or more years of experience in an active technical security or offensive consulting role, showcasing strong knowledge of modern penetration testing methodologies
  • Utilize deep expertise in external attack surface reconnaissance, manual exposure validation, and open-source intelligence gathering
  • Demonstrate a solid technical foundation in network protocols, web-based application security, and Windows or Linux operating system internals
  • Write clean scripts in Python, PowerShell, or bash to automate diagnostic queries and analyze large datasets from various security tools
  • Deconstruct complex customer attack surfaces into clear, structured milestones to execute exposure assessments and manual reconnaissance efficiently
  • Translate highly technical vulnerability findings into clear, impactful guidance that enables client IT teams to drive remediation outcomes
  • Maintain absolute personal accountability for delivering accurate reports, managing customer timelines, and identifying areas to improve security deliverables
  • Embody our core values to foster a culture of excellence that drives meaningful impact and collective success
Job Responsibility
Job Responsibility
  • Onboard customers to the Vector Command platform and modern attack surface management technologies
  • Oversee and manage the accuracy, quality, and timely completeness of customer report deliverables
  • Serve as the primary technical point of contact for customer inquiries regarding alerts, testing operations, and red team activities
  • Coordinate and facilitate monthly Vector Command Red Team update calls alongside offensive security leadership
  • Translate highly technical offensive security concepts into clear, actionable communications for non-security business stakeholders
  • Partner cross-functionally to coordinate customer communications between Managed Detection and Response and Managed Vulnerability Management teams
  • Perform active external attack surface reconnaissance, manual exposure validation, and OSINT gathering to uncover client security risks
  • Analyze customer environments, track dynamic exposure changes, and coordinate technical prioritization requests with red team operators
  • Fulltime
Read More
Arrow Right

Systems Engineer Technical Specialist (SoHo Devices)

Arcfield was purpose-built to protect the nation and its allies through innovati...
Location
Location
United States , Chantilly
Salary
Salary:
Not provided
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess and be able to maintain a TS/SCI clearance with Polygraph
  • BS 10-12, MS 8-10, PhD 5-7 or equivalent experience Business, Computer Science, Information Systems, Engineering, or a scientific or technical discipline
  • Ability to develop well documented, actionable, measurable, testable, traceable requirements supporting Sponsor development activities
  • Demonstrated successful experience in applying critical thinking in analyzing Sponsor project and programs to identify technical risks that may impact successful delivery of the Sponsor developed capability
  • Demonstrated successful experience in development of Concept of Operations diagrams utilizing industry best practices through coordination with project stakeholders
  • Demonstrated successful experience forecasting technologies and products that are related to and would advance the Sponsors mission area
  • Demonstrated successful experience in providing independent assessment of projects relating to technical risk and providing suggestions for potential improvement on technical functionality
  • Demonstrated successful experience developing comprehensive project plans that transition cyber research concepts into mission ready capabilities
  • Demonstrated successful experience working with Test Teams to create ad hoc test cases to fully characterize developed offensive cyber capabilities
  • Demonstrated successful experience working with IC or DoD targeting officers to identify new opportunities to enable technical operations to include access, exfil, collection and covert action
Job Responsibility
Job Responsibility
  • Work with developers on operational capabilities related to SoHo devices (routers, switches, firewalls)
  • Review system architecture, design documentation, and security processes
  • Develop and administer requirements for cyber tools
  • Perform system assessment to support validation of information systems
  • Work with inter-agency partners to develop technical strategic plans and coordination of cyber strategies
  • Support operations governance
  • Stay abreast of emerging technologies across technical domains
  • Develop CONOPS documentation
  • Fulltime
Read More
Arrow Right