CrawlJobs Logo

Red Team Engineer

iproov.com Logo

iProov

Location Icon

Location:
United Kingdom , London

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

As we continue to scale and grow, we are looking for an experienced Red Team Engineer focused on web platforms to join our growing Red Team function and ensure our system continues to deliver outstanding levels of biometric security and performance globally. Our system has to provide the highest levels of biometric security to defend against the numerous and growing threats, whilst ensuring that we deliver outstanding performance for our millions of users worldwide. This is an exceptionally challenging problem as the nature of the threats evolves rapidly and there is a constant and growing need to track new threats, develop new defences and deploy in a timely and efficient manner.

Job Responsibility:

  • Design and execute Red Team Operations against iProov’s biometric platform, web apps, APIs, identity flows
  • Strengthen the company’s security posture through offensive security assessments including the identification and exploitation of vulnerabilities across the web platform
  • Perform penetration testing and realistic security exercises to simulate various attack scenarios, to test and improve our detection and response capabilities, and to identify weaknesses in our infrastructure and products
  • Execute technical security assessments to identify risk, likelihood and impact an attacker may have on the System due to weak or missing controls
  • Conduct research into real-world threat actor tactics, techniques, and procedures (TTP’s) to develop proof-of-concept tools and replicate real world attacks
  • Present findings and operational work to groups in a clear and professional manner
  • Produce clear, actionable reports, risk-ranked remediation plans, and executive summaries aimed at product and engineering stakeholders
  • Collaborate with defenders, product teams, and leadership to translate findings into prioritized, actionable remediation and risk reduction
  • Bring insight into all aspects of modern security issues to our products and rapidly developing prototypes for mitigations
  • Mentor engineers in secure-by-design patterns, client-side security, and secure API design
  • Work hand-in-hand with developers to propose pragmatic mitigations, remediation plans, and detection logic for vulnerabilities discovered during engagements
  • Translate findings into engineering-friendly fix guidance (code-level suggestions, configuration changes, library upgrades, secure design alternatives) and where required create reproducible PoCs that safely demonstrate impact
  • Validate and re-test remediations and detection improvements (verify fixes, tune rules/signatures, confirm telemetry coverage)
  • Integrate offensive findings into the SDLC: enable SCA (software composition analysis), SAST/DAST pipelines, pre-merge checks, and secure CI/CD practices
  • Ensure all work follows company policies, rules of engagement (ROE), and legal/regulatory requirements

Requirements:

  • 5+ years of experience in ethical hacking, vulnerability research, exploit development, penetration testing or being a member of a red team, with significant focus on web application security
  • Strong hands-on experience attacking and defending modern web tech stacks
  • Experience with JavaScript/Typescript
  • Proficient with offensive web toolsets (Burp Suite, OWASP ZAP) and experienced building extensions/scripts
  • Experience with developing and maintaining web-focused tooling and automation (Burp extensions, custom scanners, authenticated API fuzzers, GraphQL mutation explorers, Puppeteer/Playwright scripts)
  • Experience with source code reviewing for control flow and security flaws
  • A passion for constructively break things
  • Want to be part of an ambitious, high-growth startup company
  • Written and verbal communication skills in English
What we offer:
  • 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service)
  • Growth Shares allocated after passing probation (6 months of service)
  • Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme
  • Nursery Sacrifice Scheme
  • Work Overseas Perk - Work globally for up to 2 weeks
  • Life Assurance
  • SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family
  • Award winning L&D platform with personal allocated training budgets
  • Benefit from personalized 1:1 career coaching with our in-house Occupational Psychologist
  • Enhanced paid family leave
  • Pension - 5% employee, 3% employer
  • Flexible hybrid working environment
  • Free Barista Coffee/Tea, biscuits with fruit in the WeWork office
  • Free access to WeWork discounts and free online well-being sessions
  • Vitality Health - a range of options available on this below
  • The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan, for example: Private Health cover including Dental, Optical, and Audiology
  • 50% off monthly gym memberships
  • Apple watches significantly discounted based member vitality status
  • Half price trainers with Runners Need
  • Weekly rewards – Free coffee with Café Nero
  • Monthly rewards – Free Cinema ticket
  • Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on members vitality status
  • Amazon prime free months based on activity
  • Up to 25% cashback at Waitrose when buying healthy foods
  • 75% off stays at Champneys Health Spas
  • Allen Carr’s £299 no smoking programme for free
  • Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify, Calm and Headspace
  • Discounts on Weight Watchers
  • 50%-80% off Comprehensive Private Health screenings

Additional Information:

Job Posted:
December 09, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
iProov - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Red Team Engineer

Red Team Operations Manager

To lead, oversee, and quality assure the execution of Red Team engagements end-t...
Location
Location
United Kingdom
Salary
Salary:
Not provided
bugcrowd.com Logo
Bugcrowd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience leading and/or managing Red Team engagements in enterprise environments, preferably across multiple industries (e.g. finance, critical infrastructure, cloud / SaaS / OT)
  • Deep technical knowledge of exploitation, post-exploitation, lateral movement, persistence, command & control, evasion, privilege escalation
  • Good knowledge and experience with Blue Team controls e.g. IDS/IPS, SIEM, EDR, NGFW, log analysis, detection engineering, ideally experience in bypassing or evading them safely
  • Solid experience with modern cloud environments (Azure, AWS, GCP), hybrid / on-premise networks, potentially OT/IoT/industrial environments
  • Strong tradecraft / OpSec awareness around how to avoid detection and conduct operations with minimal operational risk
  • Familiarity with CREST / STAR / TIBER etc. and regulatory / compliance requirements in relevant geographies
  • Proven experience in threat intelligence ingestion, scenario design, mapping to relevant threat actors
  • Excellent written and verbal communication skills and able to produce high quality reports, executive summaries, interact with senior leadership, legal, compliance etc.
  • Good project / operations management skills with an eye for budgeting, scheduling, resource allocation, interfacing external/internal teams
  • Ability to make real-time decisions under pressure, to balance risk vs reward
Job Responsibility
Job Responsibility
  • Lead, oversee, and quality assure the execution of Red Team engagements end-to-end from scoping & planning, through execution, reporting, to debrief and capability development
  • Ensure that all operations are safe, legal, technically robust, aligned with threat intelligence, compliance frameworks, and deliver high value to customers
  • Act as a subject-matter expert and manager for both operations and sales / client-facing aspects of Red Team services
  • Lead multiple concurrent Red Team engagements across industries
  • Define, negotiate and document scope, objectives, rules of engagement, deliverables, constraints, escalation & approval pathways
  • Oversee milestone planning e.g. kick-offs, stand-ups, wash-ups, strategic debriefs
  • Manage resources e.g. operator assignments, tooling, support functions
  • Track engagement progress vs objectives, adjust as needed
  • Assess and manage technical risk ensuring that any red team activity minimises risk to customer operations, data, systems
  • Real-time decision making during operations around TTP deployment, bypass of defenses, managing detections or unexpected discovery
Read More
Arrow Right

Red Team Operations Manager

To lead, oversee, and quality assure the execution of Red Team engagements end-t...
Location
Location
Australia
Salary
Salary:
Not provided
bugcrowd.com Logo
Bugcrowd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience leading and/or managing Red Team engagements in enterprise environments, preferably across multiple industries (e.g. finance, critical infrastructure, cloud / SaaS / OT)
  • Deep technical knowledge of exploitation, post-exploitation, lateral movement, persistence, command & control, evasion, privilege escalation
  • Good knowledge and experience with Blue Team controls e.g. IDS/IPS, SIEM, EDR, NGFW, log analysis, detection engineering, ideally experience in bypassing or evading them safely
  • Solid experience with modern cloud environments (Azure, AWS, GCP), hybrid / on-premise networks, potentially OT/IoT/industrial environments
  • Strong tradecraft / OpSec awareness around how to avoid detection and conduct operations with minimal operational risk
  • Familiarity with CREST / STAR / TIBER etc. and regulatory / compliance requirements in relevant geographies
  • Proven experience in threat intelligence ingestion, scenario design, mapping to relevant threat actors
  • Excellent written and verbal communication skills and able to produce high quality reports, executive summaries, interact with senior leadership, legal, compliance etc.
  • Good project / operations management skills with an eye for budgeting, scheduling, resource allocation, interfacing external/internal teams
  • Ability to make real-time decisions under pressure, to balance risk vs reward
Job Responsibility
Job Responsibility
  • Lead multiple concurrent Red Team engagements across industries
  • Define, negotiate and document scope, objectives, rules of engagement, deliverables, constraints, escalation & approval pathways
  • Oversee milestone planning e.g. kick-offs, stand-ups, wash-ups, strategic debriefs
  • Manage resources e.g. operator assignments, tooling, support functions
  • Track engagement progress vs objectives, adjust as needed
  • Assess and manage technical risk ensuring that any red team activity minimises risk to customer operations, data, systems
  • Real-time decision making during operations around TTP deployment, bypass of defenses, managing detections or unexpected discovery
  • Review and approve attack plans, threat modelling, intelligence
  • Ensure operators employ strong operational security (OpSec), safe tradecraft, evidence collection, clean up post-engagement
  • Maintain up-to-date knowledge of Red Team tools, adversary TTPs, defensive controls, detection systems
Read More
Arrow Right

Red Hat OpenShift Engineer

Ivy Partners is a Swiss consulting firm that supports companies in their strateg...
Location
Location
Portugal , Porto
Salary
Salary:
Not provided
ivy.partners Logo
IVY Partners
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 5 years of experience in OpenShift administration
  • Extensive knowledge in system administration, design, and operation of OpenShift platforms
  • Experience with Red Hat Enterprise Linux (RHEL) and CI/CD tools
  • Experience in managing Storage Servers and SAN Switches
  • Knowledge of infrastructure services and networking topologies
  • Strong organizational, multi-tasking, and time-management skills
  • Excellent communication and interpersonal skills
  • Proficiency in English (both written and oral)
  • Quick learner, eager to learn and apply new concepts
  • Great team player
Job Responsibility
Job Responsibility
  • Manage, configure, upgrade, and troubleshoot Red Hat OpenShift infrastructure
  • Ensure high availability, performance, and security of our OpenShift environments to meet business needs
  • Apply security policies and compliance rules within the OpenShift infrastructure
  • Manage changes through automation platforms and interact with various teams to understand and implement business requirements, security policies, and network connectivity
What we offer
What we offer
  • Supportive environment where everyone is valued
  • Training and career advancement opportunities both in Switzerland and internationally
  • Relationship based on transparency, professionalism, and commitment
  • Opportunity to combine technology and creativity to drive significant digital transformations
  • Positive impact through collective action
  • Fulltime
Read More
Arrow Right

Security/Intelligence Engineer, 2025/2026 Intern

Join Atlassian as an intern and spend your summer with us having an impact on ho...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Enrolled in a Bachelors or Masters degree in Computer Science / Software Engineering or a related technical field and completing your studies by January 2027
  • Great skills writing clean, efficient code
  • Be comfortable writing code and not depend on third-party products to do your job
  • Demonstrated interest in the Security Engineering field through academic coursework, previous work or internship experience, or personal projects
Job Responsibility
Job Responsibility
  • discover and fix security vulnerabilities within Atlassian products and services
  • hone your pen testing and Red Team skills
  • participate in architecture and code reviews
  • threat modelling
  • work with all Atlassian engineering groups
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Vector Command Specialist

As a Vector Command Specialist, you will work with a team of offensive security ...
Location
Location
United States
Salary
Salary:
89300.00 - 120800.00 USD / Year
rapid7.com Logo
Rapid7
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years in an active technical security role
  • Excellent written and verbal communication skills
  • Previous technical security consulting experience
  • Knowledge of modern penetration testing tools and methods
  • Knowledge of external attack surface reconnaissance techniques to identify customer’s internet facing exposures
  • Strong knowledge of network, web-based application, and IEEE 802.11 security concepts
  • Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite
  • Experience using scripting languages such as Python and PowerShell
  • Experience with social engineering techniques and tactics related to reconnaissance and OSINT gathering
  • A Bachelor’s degree in Computer Science, MIS, CIS or a related field, or equivalent experience
Job Responsibility
Job Responsibility
  • Support Vector Command customers by conducting external attack surface analysis, exposure reconnaissance, account and tool integrations, preparing monthly red team report deliverables, and prioritizing customer requests
  • Work daily with Rapid7’s Vector Command Red Team operators, assisting with ongoing red team exercises and staying up to date on the latest vulnerabilities, customer attack surface changes, and exposures within customer environments
  • Onboard customers to the Vector Command platform and technologies
  • Oversee and ensure the completeness of customer report deliverables
  • Serve as the primary point of contact for customer inquiries related to testing operations, alerts, or general Vector Command questions associated with Red Team activities
  • Coordinate and host monthly Vector Command Red Team update calls in conjunction with a Rapid7 Red Team lead
  • Translate technical concepts and communicate them effectively to non-security personnel
  • Coordinate communications between internal Rapid7 services on behalf of customers, including the Managed Detection and Response (MDR) and Managed Vulnerability Management (MVM) teams
  • Provide monthly written summaries of each customer’s attack surface and Vector Command Red Team operations
  • Analyze each customer’s exposures and attack surface within the Vector Command platform
  • Fulltime
Read More
Arrow Right

Staff Offensive Security Engineer

At GEICO, we offer a rewarding career where your ambitions are met with endless ...
Location
Location
United States , Chevy Chase; Palo Alto; Seattle
Salary
Salary:
115000.00 - 230000.00 USD / Year
geico.com Logo
Geico
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Mastery of vulnerability discovery and exploitation across applications, networks, and cloud using tools (e.g., Burp Suite, Metasploit), and custom scripts (Python, PowerShell)
  • Advanced understanding of OWASP, MITRE ATT&CK framework, software development lifecycle (SDLC), threat modeling, red/purple teaming, and attack path development
  • Hands-on experience with tools like Cobalt Strike, Mythic, BloodHound, and AutoSploit
  • Relevant professional security certifications (e.g. from GIAC or others)
  • Proven experience in achieving results efficiently through automation and establishing best practices
  • Proven track record to deliver business outcomes for meeting regulatory and compliance obligations
  • Ability to force multiply through coaching and mentorship to offensive security engineers across all functions (penetration testing, red teaming, purple teaming)
  • 8+ years in engineering focused role, preferably in the tech industry
  • 5+ years of experience in offensive security (penetrating testing, red team, and purple team)
  • 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities
Job Responsibility
Job Responsibility
  • Lead highly effective large-scale penetration testing initiatives
  • Participate in simulating real-world cyber-attacks (red teaming), and collaborating with defensive security teams (purple teaming)
  • Conduct tactical security penetration test assessments to validate the security of company applications (web, mobile, APIs, and AI products) against OWASP Top 10 threats and work with the Application Security team to provide feedback and recommendations to increase automated capabilities
  • Ensure penetration testing activities are meeting security, business, and compliance objectives and outcomes
  • Design and execute advanced threat emulation scenarios, including physical, social, and digital attack vectors
  • Collaborate with Blue Teams, Threat Intelligence, and Risk Management to ensure comprehensive attack coverage and feedback loops
  • Ensure operations align with industry regulations and compliance standards such as NIST, PCI DSS, and NYDFS
  • Champion continuous improvement and innovation in penetration testing, adversary simulation techniques, tools, and methodologies
What we offer
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime
Read More
Arrow Right

Security Engineering Manager

Corporate Tools is looking for a Security Engineering Manager who eats vulnerabi...
Location
Location
Salary
Salary:
185000.00 USD / Year
corporatetools.com Logo
Corporate Tools
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Computer Science or equivalent experience
  • 5+ years building and securing software — hands‑on experience with web frameworks (Rails, Django, Node, etc.) and modern architectures
  • Proven application security expertise: secure SDLC, OWASP, threat modeling, exploit mitigation, and vulnerability remediation
  • Experience leading security or engineering teams — setting strategy, running scrums, conducting reviews, and mentoring talent
  • Strong knowledge of cloud environments (AWS, Azure, GCP) and securing databases (SQL/NoSQL) in production
  • Exposure to offensive and defensive security practices — red team, blue team, or incident response experience a plus
  • Ability to communicate risk and solutions to execs, engineers, and auditors — respected by hackers and trusted by leadership
  • Pragmatic mindset: knows when to enable speed, when to block, and how to automate guardrails to keep teams fast and safe
Job Responsibility
Job Responsibility
  • Lead 6 security engineers across three specialized teams: Red (offense), Blue (defense), and Orange (compliance)
  • Own the security strategy and execution for offensive testing, defensive monitoring, and compliance work — ensuring all three disciplines are aligned
  • Act as the technical anchor for the teams: review code, guide exploits, drive secure architecture decisions, and mentor engineers
  • Partner with product and engineering leads to embed security into development (threat modeling, secure coding, CI/CD guardrails)
  • Build internal security tools and automation that make it easier for product teams to ship securely
  • Oversee red team engagements and turn findings into actionable fixes, not just reports
  • Manage defensive capabilities — incident response, detection engineering, monitoring — and continually improve them
  • Ensure compliance frameworks (SOC2, ISO, PCI, etc.) are met without slowing innovation or creating unnecessary bureaucracy
  • Set a high technical bar: coach, mentor, and challenge engineers to pursue elegant, practical security solutions
  • Balance being a builder and a leader: stay hands‑on enough to earn respect from hackers, but prioritize leading and scaling the team’s impact
What we offer
What we offer
  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • The 4 holidays are: New Year’s Day, Fourth of July, Thanksgiving, and Christmas Day
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance
  • Use to make your remote work set up more comfortable, for continuing education classes, a plant for your desk, coffee for your coworker, a massage for yourself... really, whatever
  • Open concept office with friendly coworkers
Read More
Arrow Right

Security Engineer - Red Team

About Workato: Workato transforms technology complexity into business opportunit...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
workato.com Logo
Workato
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or related technical field
  • 5+ years in cybersecurity with a focus on offensive security, penetration testing, or red team operations
  • Advanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent)
  • Deep expertise in cloud security testing, particularly AWS environments
  • Proficiency in exploitation frameworks and tools (Nuclei, Metasploit, Burp, Cobalt Strike, custom tooling)
  • Scripting and automation skills (Python, Go, Bash, or similar)
  • Hands-on experience with vulnerability research and exploit development
  • Knowledge of threat modeling methodologies and attack path analysis
Job Responsibility
Job Responsibility
  • Join our Product Security team as a Security Engineer - Red Team and help secure the future of AI automation through offensive security operations
  • Conduct red team exercises and penetration tests to simulate real-world attacks and validate defensive controls
  • Perform vulnerability research and exploitation to validate attack paths and contribute to the security community
  • Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategies
  • Partner with Security Operations and Bug Bounty teams to enhance detection, response, and organizational resilience
  • Coordinate external red team and penetration testing engagements and third-party security assessments
  • Develop automated tools and frameworks to scale offensive security operations across systems and applications
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy