Senior Offensive Security Engineer

Senior Offensive Security EngineerSalary: £90,000 - £110,000 per annum

Location: UK - Remote

You’ll be responsible for identifying and mitigating security vulnerabilities across software products through a combination of secure code review, penetration testing, security assessments, and the development of custom tooling.

This role involves close collaboration with engineering teams to embed secure development practices throughout the software lifecycle – ensuring potential risks are addressed early in the development process.

Senior Offensive Security Engineer – Responsibilities:

• Conduct deep technical offensive security assessments against complex, distributed systems to uncover critical vulnerabilities across cloud, web applications, and internal services.
• Perform offensive testing throughout the software supply chain, including CI/CD pipelines, version control systems, and third-party integrations.
• Build and maintain automation and tooling to scale offensive testing across products and teams.
• Operate as a subject matter expert in offensive security, supporting risk-based product design decisions and architecture reviews.
• Contribute to threat modelling, red teaming strategy, and secure development practices throughout the product lifecycle.

Senior Offensive Security Engineer – Requirements:

• 5+ years of hands-on experience conducting offensive security testing in production cloud environments and highly scalable architectures.
• Strong technical knowledge of authentication/authorisation mechanisms, cloud security misconfigurations, multi-tenancy isolation issues, and API-level vulnerabilities.
• Experience testing and securing the software supply chain, including common attack paths within CI/CD, source control, and package dependencies.
• Proficiency in writing offensive tools and scripts (e.g., Python, Go, Java) to automate testing and exploit development.