Full Job Description
We are seeking a Senior APT & Automated Validation Engineer who is more than a pentester-a developer who understands how to orchestrate, script and chain network and web app exploits so they run autonomously. In this role, you will engineer automated exploit scripts, configure continuous validation frameworks and safely validate vulnerabilities across live infrastructure. Responsibilities Sequence vulnerabilities together to achieve advanced outcomes, such as pairing a low-severity information disclosure with an SSRF to achieve Remote Code Execution Develop custom exploits and automate complex multi-stage authentication scripts, handling OAuth, TOTP and MFA programmatically Configure and scale continuous automated security validation tools Engineer automated exploit scripts that safely validate vulnerabilities without crashing live network infrastructure or corrupting production databases Apply intimate knowledge of the OSI model and core network protocols to orchestrate network and web app exploits Design threat models to guide validation strategies Manage vulnerabilities across production environments Leverage cyber threat intelligence to inform exploit chaining and validation efforts Requirements 3+ years of experience in penetration testing, exploit development or automated security validation Deep understanding of how to sequence vulnerabilities together to achieve outcomes such as Remote Code Execution Strong proficiency in Python, Go and Bash to write custom exploits and automate multi-stage authentication scripts Experience configuring and scaling continuous automated security validation tools such as Pentera, Cymulate and Picus Intimate knowledge of the OSI model, core network protocols such as DNS, BGP and TCP/IP Understanding of web application vulnerabilities including OWASP Top 10 and API flaws like IDOR Proven ability to engineer automated exploit scripts that can safely validate vulnerabilities without crashing live infrastructure or corrupting production databases Skills in cyber threat intelligence, threat modeling and vulnerability management