Your work directly powers our Exposure Validation platform, helping organizations understand and defend against modern adversaries.
What You Will Do:
Research & Simulate Real-World Attacks.
Track and analyze the latest attacker TTPs.
Build internal tools, scripts, and POCs to emulate real threat behavior.
Design offensive simulations mapped to the MITRE ATT&CK framework.
Focus areas include:
Active Directory attacks (on-prem & Azure).
Cloud infrastructure misconfigurations (AWS, Azure, GCP).
Linux and network-level attack vectors.
Kubernetes threats and container-based environments.
Write clean, reusable, and documented code in Python, PowerShell, and Bash.
Offensive Infrastructure Security Experience:
Proven background in infrastructure penetration testing or red teaming (not web-only).
Hands-on with Windows AD exploitation, network pivoting, lateral movement.
Comfortable working across the entire attack chain, from recon to post-exploitation.
Tool Proficiency:
Experience with tools like BloodHound, Mimikatz, Metasploit, Cobalt Strike.
Familiarity with attacker tradecraft and simulation tools.
Scripting & Automation.
Proficient in:
Python for automation and tooling.
PowerShell for Windows attack scenarios.
Bash for Linux environments and scripting.
Cloud & Linux Experience.
Worked in Linux-based systems during offensive operations.
Familiarity with cloud environments: AWS, Azure, GCP (attacks or research).
Bonus Points:
Used LLMs (like ChatGPT) for research or tooling enhancement.
Created internal labs, written attack POCs, or contributed to open-source offensive tooling.
Who You Are:
An attacker mindset: creative, curious, and always digging deeper.
Experienced enough to operate independently, but still a team player.
Able to research, prototype, and write production-grade offensive content.