Senior Offensive Security Engineer
198728
Desired skills:
Red-teaming, Penetration-testing, Exploitation, Application, Security, Cloud
Senior Offensive Security Engineer
Location: Dublin
Type: Full-Time
Salary: €100,000 - €125,000
A technical security group expanding its remit is adding an engineer who can move comfortably between structured offensive testing and the messier realities of live systems. The work leans on methodology, creativity, and the discipline required to validate assumptions rather than rely on scanning outputs. The environment is broad applications, identity flows, underlying infrastructure, and the occasional quirk that only shows up once multiple trust boundaries intersect.
It's a role suited to someone who enjoys breaking things responsibly, translating findings into actionable engineering guidance, and helping raise the security bar across a distributed estate.
The Role
You'll design and execute targeted offensive test plans, validate vulnerabilities, and support engineering teams through the remediation lifecycle. Expect deep dives into internal applications, APIs, containerised workloads, network pathways, cloud components, and identity configurations. You'll also participate in adversary-simulation exercises and provide clear technical reporting anchored in risk and exploitability.
Primary Responsibilities
1. Execute internal penetration tests across applications, infrastructure, identity workflows, and cloud-backed services
2. Validate and triage vulnerabilities, distinguishing genuine exploitable paths from noise
3. Produce concise, technically grounded findings and remediation guidance
4. Re-test fixes and document closure evidence
5. Contribute to threat-informed adversary simulations and coordinated red/blue engagements
6. Review externally submitted findings and support internal verification
7. Partner with engineering teams to improve designs, authentication flows, and control patterns
8. Maintain and enhance internal tooling, repeatable test patterns, and documentation used by the team
9. Provide risk summaries and posture updates to technical stakeholders
Skills & Experience
10. Strong technical background in offensive security, penetration testing, or exploit development
11. Hands-on experience with tooling such as Burp, Nmap, Kali, custom scripts, or internal frameworks
12. Solid understanding of application security, infrastructure fundamentals, and cloud-native attack paths
13. Ability to articulate complex vulnerabilities to technical and non-technical audiences
14. Experience guiding teams through remediation cycles
15. Familiarity with MITRE ATT&CK, OWASP, and threat modelling approaches
16. Certifications (OSCP, CRTO, GPEN, OSEP, are beneficial but not required
Reperio Human Capital acts as an Employment Agency and an Employment Business.
Recruiter not found