Offensive Security Engineer

Sporty Group

Completely RemoteFull TimeInformation Technology
Posted Yesterday

Job description

Responsibilities

  • Monitor, map, and test the entire external attack surface including domains, subdomains, and public IP addresses
  • Conduct adversary emulation exercises against internal and office endpoints to validate EDR, XDR, and SOC monitoring
  • Evaluate security posture of physical office hardware, corporate network equipment, and internal edge infrastructure
  • Perform scoped offensive testing on external-facing web applications and public-facing API endpoints
  • Translate discovery and emulation findings into repeatable defensive checks and remediation blueprints
  • Support Purple Team efforts to validate EDR policies, perimeter controls, and network segmentation
  • Track external vulnerability gaps, emulation success rates, and remediation times

Requirements

  • Experience in offensive security, perimeter penetration testing, or adversary emulation
  • Strong understanding of external asset discovery, DNS vulnerabilities, and public IP routing
  • Practical experience auditing Linux and Windows environments and network services
  • Ability to perform adversary emulation and bypass techniques against modern EDR/XDR solutions
  • Familiarity with testing physical office network hardware, routers, switches, and firewalls
  • Experience with core web vulnerabilities and API interface testing
  • Strong scripting ability in Python, PowerShell, or Bash
  • Proficiency with scanning, reconnaissance, and interception tools

Preferred Qualifications

  • Expertise with Kali Linux, Nmap, Shodan, Censys, Masscan, or Amass
  • Experience with Burp Suite, OWASP ZAP, or Wireshark
  • Familiarity with Microsoft Defender XDR, CrowdStrike Falcon, or SentinelOne
  • Knowledge of Atomic Red Team or Caldera

Benefits

  • Remote-first work environment
  • Competitive salary plus quarterly performance-based bonuses
  • 28 days paid annual leave
  • Flexible working hours around core time (10am-3pm local)
  • Referral and flash bonuses
  • Top-of-the-line equipment
  • Annual company retreats

About the Company

Sporty is a remote-first company in pursuit of sustainability.

Skills & tools

Penetration TestingPythonLinux

What the team is looking for

Use this list as a quick fit check before you apply.

  1. 01Offensive security experience
  2. 02Perimeter penetration testing
  3. 03Adversary emulation
  4. 04DNS configuration knowledge
  5. 05Linux and Windows auditing
  6. 06Python, PowerShell, or Bash scripting
ScoutJobsAd

Wake up to a shortlist, not a search results page.

ScoutJobs scores every new listing against your CV, salary floor and visa. A handful of real matches by morning.

Get your daily matches