Senior Internal Red Team Engineer

Horizon3 AI

US, Remote
Competitive
Full-time

Job Description

Ready to join a team of offensive security rockstars? At Horizon3.ai, we're on a mission to help organizations proactively defend themselves against real-world threats. We're a fully remote, fast-growing cybersecurity company founded by former U.S. Special Operations cyber operators and seasoned startup experts. If you're passionate about penetration testing, cloud security, and staying ahead of the latest threats, keep reading.

The Opportunity
As a Senior Internal Red Team Engineer, you'll be a key player in strengthening our company's security posture. You'll emulate advanced adversaries, identify critical vulnerabilities in our cloud and web environments, and work closely with our Blue Team to improve our overall defenses. This is your chance to make a real impact by protecting our data and digital services from sophisticated attacks.

What You'll Do

Threat Modeling & Attack Planning: Dive deep into threat modeling and risk assessments to pinpoint high-value targets and potential attack vectors.
Lead Red Team Operations: Design and execute end-to-end red team operations targeting our production cloud and web environments, mirroring real-world attack scenarios.
Source Code Review: Analyze source code (primarily Python and JavaScript) for critical vulnerabilities like logic flaws, injection flaws, and RCE opportunities.
Cloud & Kubernetes Configuration Audits: Conduct comprehensive security configuration audits of our AWS, Azure, GCP, Digital Ocean, and Kubernetes (K8s) environments to expose misconfigurations and overly permissive IAM policies.
CI/CD Pipeline Security: Evaluate and test the security of our CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions, ArgoCD, Crossplane, etc.) to identify attack paths and secret management vulnerabilities.
Advanced Penetration Testing: Execute in-depth penetration tests against critical web applications, APIs, and cloud-native services.
Purple Teaming: Collaborate with engineering and defensive teams (Blue Team) in purple team exercises to validate findings and improve detection and response capabilities in real time, including retesting of remediations.
Tool & Methodology Development: Create custom tooling, exploits, and automation scripts to bypass security controls and enhance our red teaming capabilities.
Threat Research: Stay at the forefront of threat intelligence, vulnerabilities, and exploits; research and develop new exploitation techniques relevant to our technology stack.
Reporting & Communication: Document vulnerabilities, exploit paths, and their business impact in clear, detailed reports and presentations for both technical and leadership audiences.

What You'll Bring

5+ years of hands-on experience in offensive security, leading complex web application and cloud penetration tests.
Proven ability to identify vulnerabilities in source code (Python and JavaScript).
Deep experience attacking and auditing cloud environments (AWS, GCP, Azure) and Kubernetes clusters.
One or more advanced, industry-recognized offensive security certifications: OSCP, OSWE, OSCE, CRTO, or GIAC (GCPN, GXPN).
Expert-level knowledge of modern web application security, including the OWASP Top 10 and API security.
Proficiency in common offensive security tools (e.g., Burp Suite, Nmap) and C2 frameworks (e.g., Cobalt Strike, Sliver, Brute Ratel).
Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical audiences.

Bonus Points

Experience in a blue team, incident response, or system administration role.
Experience with other cloud providers (e.g., GCP, Azure).
Experience with OSINT, phishing, and social engineering campaigns.
Familiarity with WAF technologies (e.g., AWS WAF, Akamai).
Relevant cloud or K8s certifications (e.g., AWS Certified Security - Specialty, Certified Kubernetes Administrator (CKA)).

What We Expect

An attacker's mindset and outstanding problem-solving skills.
Self-motivation, persistence, and the ability to work effectively with limited supervision.
Adaptability to new technologies and challenges.
Proficiency in designing, presenting, and evaluating technical solutions and attack paths.

Stand Out From the Crowd

Recognized security research, including documented CVE discoveries or published whitepapers.
Successful, high-impact contributions to bug bounty programs.
Publicly released security tools or contributions to major open-source security projects.
Experience presenting research at major security conferences (e.g., Black Hat, DEF CON).

Travel
We are a fully remote company. This job may require up to 5% travel.

Compensation & Perks
We value our employees and offer a competitive compensation package, including:
Base salary range: $195,000 - $242,000 annually (based on location, qualifications, experience, and skills).
Equity in the form of stock options.
Comprehensive health, vision, and dental insurance for you and your family.
Flexible vacation policy.
Generous parental leave.

Why Horizon3.ai?

Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.
Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.
Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.
Remote Work: We are a 100% remote company. Enjoy the flexibility to work in the way that supports you and brings out your best.

You Belong Here
Horizon3.ai is an equal opportunity employer committed to diversity, equity, and inclusion. We welcome candidates from all backgrounds and experiences.

Note: This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities.

Application Note: You may redact age-identifying information from your application materials.