Offensive Security Engineer
Offensive Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About Satispay
At Satispay were not just reimagining payments; were pioneering a movement toward simplicity and accessibility. Picture yourself at the forefront of innovation leading the way in revolutionizing payments and beyond! across Europe alongside a vibrant community of likeminded individuals driven by a shared vision: simplifying payments to improve everyones life.
Are you ready to be part of something bigger Satispay is the place for you! Come be part of our dynamic team and help us shape the future of payments in Europe.
Join us as an Offensive Security Engineer and lets make magic happen together.
Role Overview
As an Offensive Security Engineer you will play a key role in securing our cloud infrastructure mobile and web applications through internal penetration testing and adversary simulations. You will focus on identifying security weaknesses in our Android and iOS apps backend services and cloud infrastructure working closely with the Blue Team Cloud Development and Product teams to enhance security.
This role requires expertise in mobile security testing including the ability to use dynamic instrumentation tools to analyze and manipulate app behavior at runtime.
Your mission:
Penetration testing. Perform penetration testing on mobile (iOS & Android) and web applications to identify vulnerabilities across platforms.
Dynamic instrumentation. Use tools like Frida to bypass security controls and analyze mobile app behavior at runtime to uncover hardtodetect security flaws.
Adversary simulations. Simulate realworld attack scenarios to identify weaknesses and improve detection and mitigation capabilities.
Red Team methodology. Develop and maintain red team testing methodologies ensuring effective reporting and vulnerability remediation tracking.
Collaboration with Blue Team. Partner with the Blue Team to enhance detection in tools like Splunk and improve overall security posture.
Code review and remediation. Review source code (Java Kotlin Swift Python JavaScript) for security flaws and work with developers to fix vulnerabilities using secure coding practices.
Reporting and stakeholder collaboration. Provide detailed reports of findings and collaborate with internal stakeholders to ensure timely remediation.
Technical guidance and training: Train developers and security engineers on security best practices to strengthen overall security practices.
Knowledge integration. Stay current with mobile security threats and offensive techniques integrating them into testing strategies to stay ahead of risks.
Your ideal profile:
Penetration testing and Red Team experience: 3 years in penetration testing red teaming or offensive security.
Mobile app security expertise. You have knowledge of mobile application security for Android and iOS including reverse engineering hooking and runtime manipulation techniques.
Source code security. Youre skilled in analyzing source code for security flaws (Java Kotlin Swift Python JavaScript) and work closely with developers to address vulnerabilities.
Cloud security knowledge. You have an understanding of cloud security (AWS) and common misconfigurations or attack vectors.
Dynamic instrumentation proficiency. Experience with dynamic instrumentation tools like Frida for testing and manipulating mobile apps at runtime.
Web application security. You are familiar with OWASP Top 10 API security authentication & authorization flaws.
Threat intelligence. You are familiar with threat modeling adversary tactics (MITRE ATT&CK framework) and red team operations.
Communication skills. Excellent written and verbal communication skills for technical reporting and stakeholder collaboration.
Static and dynamic application security testing. Experience with SAST and DAST methodologies to identify and mitigate security vulnerabilities in applications.
CI/CD Security and DevSecOps. Familiarity with CI/CD security and DevSecOps practices to integrate security into development pipelines.
Automating security assessments. Experience automating security assessments using scripting/tooling.
Dont let a checklist hold you back at Satispay we thrive on diverse perspectives and unique strengths. Your individuality could be the missing piece to our puzzle! Even if you dont meet every skill listed above we encourage you to apply if youre passionate about the role and believe you can contribute to our teams success.
Your perks as a Satisperson
Join an international team to grow with
Hybrid working policy
Fuel your day with our meal vouchers
Preply language platform access to expand your language skills
Benefit from our 1.2k company welfare budget
Own part of Satispays success with our Stock Option Plan
Gear up with our tech equipment
Join us in the fun with teambuilding events parties trips and more!
Our selection process is tailored to each role and includes at least a call with our Talent Acquisition Team a technical evaluation and a final inperson meeting. Your recruiter will share more insights during your first meeting with us!
Equal Opportunity Employer
At Satispay were proud to be an equalopportunity employer. We celebrate diversity and inclusion welcoming individuals of all backgrounds. This opportunity is open to everyone regardless for instance of race color religion sex gender identity sexual orientation and national origin. Join us in a workplace where everyone belongs!
Learn More About Us
Curious about our core values Explore them here.
#LIGA1
#LIHYBRID
Employment Type
Full-Time
