CrawlJobs Logo

Red Team Security Engineer

South Africa, Cape Town · Job Posted July 03, 2026
Apply Position
Job Link Share

Job Description

At Sabio Group, we build and operate AI-powered customer experience platforms for some of the world's most demanding enterprise brands. As we push deeper into agentic AI, multi-cloud architectures and high-volume conversational systems, the attack surface evolves with us — and we need people who can think like adversaries to keep our customers, our data and our reputation safe. We're hiring a Red Team Security Engineer to join our Information Security & Cyber Security team in South Africa. You'll be the offensive counterpart to our defensive function: stress-testing the solutions we design, build and operate — from cloud-native services to LLM-powered agents — by attacking them the way a real adversary would, and partnering with engineering teams to fix what you find. This is a hands-on role for someone who is genuinely curious about how systems break, comfortable writing code as well as reading it, and excited about the new class of vulnerabilities emerging in AI and agentic systems.

Job Responsibility

  • Plan and execute red team engagements, penetration tests and adversary simulations against our platforms, products and corporate environment
  • Identify, exploit and document vulnerabilities across web applications, APIs, cloud infrastructure, identity systems and AI/LLM-based services
  • Develop realistic attack scenarios — initial access, privilege escalation, lateral movement, data exfiltration — mapped to frameworks such as MITRE ATT&CK
  • Build and maintain custom tooling, exploits and automation where off-the-shelf tools fall short
  • Leverage AI pen testing tooling and frameworks as a force amplifier within your role
  • Active, hands-on use of AI-powered offensive security tooling as a core part of your workflow — leveraging LLMs and agentic assistants to accelerate reconnaissance, exploit development, code review, payload generation and report writing
  • Familiarity with emerging AI red-team frameworks and platforms — e.g. PyRIT, Garak, Promptfoo, NVIDIA Aegis, Microsoft Counterfit, HackerOne / Bugcrowd AI testing toolkits, or equivalent — and a practical sense of when to use which
  • Experience building or extending automated AI red-team harnesses: prompt-injection test suites, jailbreak corpora, tool-abuse scenarios, multi-turn attack agents, and regression eval sets for LLM and agentic systems
  • Pragmatic judgement on the limits and risks of AI-assisted offensive work — hallucinated findings, false confidence, data leakage into third-party models — and the discipline to validate AI output before acting on it
  • Curiosity to keep pace with a fast-moving space: new models, new attack techniques, new defensive controls — and a willingness to bring those learnings back into the team
  • Probe LLM-powered and agentic systems for prompt injection, jailbreaks, tool/function-call abuse, context leakage, insecure output handling and supply-chain risks
  • Test RAG pipelines, knowledge bases and integrations for data exfiltration, poisoning and unauthorised access paths
  • Contribute to internal threat models for agentic architectures and help shape secure-by-default patterns for multi-agent and tool-using systems
  • Stay close to evolving standards and guidance (e.g. OWASP Top 10 for LLMs, NIST AI RMF, emerging agent interoperability protocols)
  • Perform deep-dive security testing of cloud workloads across AWS, Azure and/or GCP — IAM, network, container, serverless and data-layer concerns
  • Review CI/CD pipelines, IaC (Terraform, CloudFormation, Bicep) and Kubernetes deployments for misconfigurations and exploitable weaknesses
  • Conduct source-assisted ("grey-box") testing — reading code to find logic flaws, authZ gaps and unsafe integrations
  • Triage findings, assign realistic severity, and write clear, reproducible reports with concrete remediation guidance
  • Partner with engineering teams to validate fixes, advise on secure design and pair on hardening work — not just throw findings over the wall
  • Drive continuous improvement of detection coverage by working with the blue team / SOC on purple-team exercises
  • Build automation that turns one-off tests into repeatable, scheduled checks — exposure scanning, attack-path analysis, agent red-teaming harnesses
  • Integrate offensive testing into the SDLC: SAST/DAST/IAST, dependency scanning, secrets detection, container and IaC scanning
  • Treat evaluation and regression of security controls as a first-class deliverable — measured, not assumed
  • Work alongside the Head of Information Security, AI Ethics leads, platform engineering and product teams to embed security early
  • Produce clear design reviews, threat models, runbooks and post-engagement reports for both technical and executive audiences
  • Operate within strict rules of engagement, with care for production stability, customer data and legal/regulatory obligations

Requirements

  • Demonstrable hands-on experience in offensive security — penetration testing, red teaming, or adversary simulation — against modern web, API and cloud-based systems
  • Strong understanding of common vulnerability classes (OWASP Top 10, authZ flaws, SSRF, deserialisation, injection, cryptographic misuse) and how to chain them into real impact
  • Solid grasp of cloud security in at least one major provider (AWS, Azure or GCP): IAM, networking, key management, container and serverless services, common misconfigurations and attack paths
  • Practical understanding of AI/LLM systems — how they work, where they fail, and the new risks they introduce (prompt injection, jailbreaks, insecure tool use, training/RAG data exposure)
  • Coding capability in at least one of Python, Go, JavaScript/TypeScript or similar — comfortable writing exploits, tooling and automation, not just running other people's tools
  • Confidence with offensive tooling — Burp Suite, nmap, Nuclei, BloodHound, Metasploit, custom scripts — and the judgement to know when to build vs. buy
  • Familiarity with CI/CD, containers and IaC (Docker, Kubernetes, Terraform or equivalent) and how to attack and defend them
  • An evaluation mindset: you measure security posture with reproducible tests, metrics and evidence — not gut feel
  • Comfort with agentic development workflows — using AI coding assistants and AI co-work / pair-development models (Claude Code, Copilot, Cursor or equivalent) as part of your day-to-day delivery
  • Clear written and verbal communication in English: able to brief engineers, executives and (where relevant) customers on findings and risk
  • A strong ethical compass and discipline around scope, rules of engagement, evidence handling and responsible disclosure

Nice to have

  • Industry certifications such as OSCP, OSEP, OSWE, CRTO, CRTP, GPEN, GXPN, GCPN, AWS/Azure/GCP security specialties or equivalent
  • Experience red-teaming or evaluating agentic AI / LLM systems in production — prompt injection campaigns, tool-abuse testing, multi-agent attack scenarios, AI red-team frameworks
  • Exposure to purple teaming and detection engineering: working with SOC/SIEM (e.g. Sentinel, Splunk, Defender XDR) to improve detections from offensive findings
  • Experience with identity attacks across Entra ID / Azure AD, Active Directory, OAuth/OIDC and federated environments
  • Source-code review skills and threat modelling experience (STRIDE, attack trees, MITRE ATLAS for AI)
  • Familiarity with regulatory and standards contexts relevant to enterprise customers — ISO 27001, SOC 2, PCI DSS, GDPR, POPIA
  • Experience contributing to or running bug bounty programmes, CTFs, or open-source security tooling
  • Awareness of emerging agent interoperability and security standards (e.g. MCP, A2A) and their attack surfaces
  • Prior experience in a SaaS, cloud platform or AI/ML company where production systems were the target of testing — useful context, but not required
  • Public research, conference talks, CVEs, or community contributions in offensive security or AI security

What we offer

  • Remote/Flexible work
  • Discovery Medical Aid
  • Connectivity Allowance
  • 15 days paid holiday a year- (this includes three Sabio days)
  • Momentum EAP

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Red Team Security Engineer

8 matching positions

Senior Security Engineer (Red Team Specialist)

We are seeking a highly skilled and experienced Senior Security Engineer Penetra...
Location
Location
Indonesia , Jakarta
Salary
Salary:
Not provided
Flip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field
  • Relevant certifications such as OSCP, OSCE, GPEN, or GXPN are highly desirable
  • Minimum of 5 years of hands-on experience in penetration testing (mobile applications {Android and iOS}, web applications, and API), red teaming, or ethical hacking, with a proven track record of identifying and exploiting vulnerabilities
  • Demonstrate a strong grasp of end-to-end SDLC, DevSecOps, and application development for web and mobile applications
  • Expertise in using various security testing tools and frameworks (e.g., Metasploit, Burp Suite, Nmap, etc.) and manual techniques to conduct thorough security assessments
  • Proficiency in programming and scripting languages (e.g., Python, Go, Shell Script) to develop custom tools and automation scripts
  • Strong understanding of network protocols, operating systems, and common security technologies (SIEM, XDR/EDR, firewalls, IDS/IPS, WAFs, etc.)
  • In-depth knowledge of cybersecurity principles, attack vectors, and defense strategies. Familiarity with threat intelligence and risk assessment methodologies, OWASP, Cloud Security best practices
  • Excellent analytical and problem-solving abilities, with a proactive approach to identifying and mitigating security risks
  • Effective verbal and written communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Lead and conduct penetration testing and red teaming activities against our organization's networks, applications, and physical security
  • Perform comprehensive security assessments to identify vulnerabilities and potential weaknesses
  • Develop realistic attack scenarios based on current threat intelligence and industry best practices
  • Simulate sophisticated attack techniques to identify gaps in our security controls and defenses
  • Conduct in-depth vulnerability assessments and risk analyses, utilizing various security testing tools and manual techniques
  • Provide detailed reports outlining identified vulnerabilities and recommended remediation actions
  • Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and attack techniques
  • Continuously monitor emerging trends and industry developments to inform our security strategies
  • Collaborate with the security team and other stakeholders to review and improve our organization's security architecture, ensuring it aligns with industry standards and best practices
  • Assist the incident response team in handling cybersecurity incidents, performing forensic investigations, and providing expertise on the adversary's techniques and tactics
  • Fulltime
Read More
Arrow Right

Security Engineer - Red Team

About Workato: Workato transforms technology complexity into business opportunit...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
workato.com Logo
Workato
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or related technical field
  • 5+ years in cybersecurity with a focus on offensive security, penetration testing, or red team operations
  • Advanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent)
  • Deep expertise in cloud security testing, particularly AWS environments
  • Proficiency in exploitation frameworks and tools (Nuclei, Metasploit, Burp, Cobalt Strike, custom tooling)
  • Scripting and automation skills (Python, Go, Bash, or similar)
  • Hands-on experience with vulnerability research and exploit development
  • Knowledge of threat modeling methodologies and attack path analysis
Job Responsibility
Job Responsibility
  • Join our Product Security team as a Security Engineer - Red Team and help secure the future of AI automation through offensive security operations
  • Conduct red team exercises and penetration tests to simulate real-world attacks and validate defensive controls
  • Perform vulnerability research and exploitation to validate attack paths and contribute to the security community
  • Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategies
  • Partner with Security Operations and Bug Bounty teams to enhance detection, response, and organizational resilience
  • Coordinate external red team and penetration testing engagements and third-party security assessments
  • Develop automated tools and frameworks to scale offensive security operations across systems and applications
Read More
Arrow Right

Security Engineer - Red Team

Join our Product Security team as a Security Engineer - Red Team and help secure...
Location
Location
Spain; Portugal
Salary
Salary:
Not provided
workato.com Logo
Workato
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or related technical field
  • 5+ years in cybersecurity with a focus on offensive security, penetration testing, or red team operations
  • Advanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent)
  • Deep expertise in cloud security testing, particularly AWS environments
  • Proficiency in exploitation frameworks and tools (Nuclei, Metasploit, Burp, Cobalt Strike, custom tooling)
  • Scripting and automation skills (Python, Go, Bash, or similar)
  • Hands-on experience with vulnerability research and exploit development
  • Knowledge of threat modeling methodologies and attack path analysis
Job Responsibility
Job Responsibility
  • Adversarial Exercises and Penetration Testing: Conduct red team exercises and penetration tests to simulate real-world attacks and validate defensive controls
  • Exploitation and Vulnerability Research: Perform vulnerability research and exploitation to validate attack paths and contribute to the security community
  • Threat Modeling and Attack Simulation: Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategies
  • SecOps and Bug Bounty Collaboration: Partner with Security Operations and Bug Bounty teams to enhance detection, response, and organizational resilience
  • External Testing Coordination: Coordinate external red team and penetration testing engagements and third-party security assessments
  • Security Automation and Tooling: Develop automated tools and frameworks to scale offensive security operations across systems and applications
What we offer
What we offer
  • vibrant and dynamic work environment
  • multitude of benefits they can enjoy inside and outside of their work lives
Read More
Arrow Right

Security Engineer - Red Team

Join our Product Security team as a Security Engineer - Red Team and help secure...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
workato.com Logo
Workato
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or related technical field
  • 5+ years in cybersecurity with a focus on offensive security, penetration testing, or red team operations
  • Advanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent)
  • Deep expertise in cloud security testing, particularly AWS environments
  • Proficiency in exploitation frameworks and tools (Nuclei, Metasploit, Burp, Cobalt Strike, custom tooling)
  • Scripting and automation skills (Python, Go, Bash, or similar)
  • Hands-on experience with vulnerability research and exploit development
  • Knowledge of threat modeling methodologies and attack path analysis
Job Responsibility
Job Responsibility
  • Adversarial Exercises and Penetration Testing: Conduct red team exercises and penetration tests to simulate real-world attacks and validate defensive controls
  • Exploitation and Vulnerability Research: Perform vulnerability research and exploitation to validate attack paths and contribute to the security community
  • Threat Modeling and Attack Simulation: Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategies
  • SecOps and Bug Bounty Collaboration: Partner with Security Operations and Bug Bounty teams to enhance detection, response, and organizational resilience
  • External Testing Coordination: Coordinate external red team and penetration testing engagements and third-party security assessments
  • Security Automation and Tooling: Develop automated tools and frameworks to scale offensive security operations across systems and applications
Read More
Arrow Right

Senior Security Engineer - Red Team

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
  • equivalent experience
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Job Responsibility
Job Responsibility
  • Discover and exploit vulnerabilities end-to-end in order to assess the security of services
  • Execute and lead Red Team operations using real world adversarial tactics and techniques to validate a production service's ability to detect, investigate, and respond
  • Advocate for security change across the company through building partnerships and clearly communicating impact of risks
  • Analyze a wide array of data sources to identify potential security weaknesses and breach points within Microsoft’s infrastructure
  • Prototype tools and techniques to scale and accelerate offensive emulation and vulnerability discovery
  • Collaborate with Blue Teams to improve readiness and produce solutions for defenders and customers
  • Analyze simulated adversary tactics and communications, enriching our defensive tactics and threat intelligence
  • Fulltime
Read More
Arrow Right

Security Engineer Iv (Red Team) - Project Based

At ASI, we are revolutionizing industries with state-of-the-art autonomous robot...
Location
Location
United States , Logan
Salary
Salary:
100730.00 - 117519.00 USD / Year
asirobots.com Logo
Autonomous Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, Electrical Engineering, or a related field
  • 8+ years of experience in penetration testing, red team operations, or offensive security
  • Hands-on experience testing software written in C, C++, and C#
  • Proficiency with offensive security tools such as Metasploit, Burp Suite, or similar frameworks
  • Working knowledge of exploit techniques including memory corruption, privilege escalation, and lateral movement
  • Familiarity with network attack vectors including TLS weaknesses, PKI misconfigurations, and protocol vulnerabilities
  • Scripting experience in Python, Bash, or similar for exploit automation and tooling
  • Familiarity with hardware security primitives such as Secure Boot, TPMs, or HSMs
Job Responsibility
Job Responsibility
  • Plan and execute penetration tests against software, firmware, network, and embedded system targets
  • Conduct red team exercises that simulate adversarial attack scenarios against autonomous platforms
  • Identify and exploit vulnerabilities in C, C++, and C# codebases through targeted security assessments
  • Assess network attack surfaces including TLS implementations, certificate handling, and encrypted protocols
  • Develop detailed findings, exploit chains, and remediation recommendations for engineering teams
  • Operate offensive security tooling including exploit frameworks, SAST, DAST, and fuzzing platforms
  • Validate remediations through re-testing to confirm fixes hold against known attack techniques
  • Support evidence collection and audit preparation for SOC 2 and ISO 27001 assessments
What we offer
What we offer
  • Full Benefits - 90% Medical
  • Generous PTO
  • Quarterly and Yearly Bonus Incentives
  • Fulltime
Read More
Arrow Right

Security Engineer II - Red Team

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field
  • OR equivalent experience
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • 3+ years' experience in any of the following: identifying security vulnerabilities, cyber security or related security discipline, or software engineering-related field
Job Responsibility
Job Responsibility
  • Discover and exploit vulnerabilities end-to-end in order to assess the security of services
  • Contribute to the execution of Red Team operations using real world adversarial tactics and techniques to validate a production service's ability to detect, investigate, and respond
  • Advocate for security change across the company through building partnerships and clearly communicating impact of risks
  • Analyze a wide array of data sources, including source code, to identify potential security weaknesses and breach points within Microsoft’s infrastructure
  • Collaborate with Blue Teams to improve readiness and produce solutions for defenders and customers
  • Analyze simulated adversary tactics and communications, enriching our defensive tactics and threat intelligence
  • Leverage Artificial Intelligence and agentic approaches for vulnerability discovery and threat emulation
  • Prototype tools and techniques to scale and accelerate offensive emulation and vulnerability discovery
  • Fulltime
Read More
Arrow Right

Principal Software Engineer - Red Team

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Multiple Locations
Salary
Salary:
142800.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • Expertise in red teaming, adversarial testing, and offensive security—including threat emulation, vulnerability discovery, and ethical hacking
  • Experience with Large Language Models (LLMs) and agentic AI systems
  • Strong background in system design and cloud platforms (Azure, AWS, GCP)
  • 8 years of professional software development experience in an OOL such as C# or Java and Bachelor’s degree in computer science or related fields, or equivalent experience
Job Responsibility
Job Responsibility
  • Design, implement, and support AI-driven red team services using generative as well as traditional AI techniques
  • Research, experiment with, and productionize frontier AI capabilities and design patterns
  • Research the latest attack techniques used by internal red teams and external threat actors
  • Contribute to red team tools for use by both human operators and AI red teaming services
  • Support partner development teams in contributing to our services and tools
  • Partner with internal defensive security teams to improve their detection, investigation, and response capabilities
  • Build strong relationships with your peers through design, code reviews, and mentoring
  • Fulltime
Read More
Arrow Right