Back to all roles

Red Team reputed company Engineer

Remote Worldwide Hiring now

Red Team reputed company Engineer Department: IT Employment Type: Full Time Location: reputed company Town Reporting To: Stephen reputed company Description At reputed company, we build and operate AI-powered customer experience platforms for some of the world's most demanding reputed company brands. As we push deeper into agentic AI, multi-reputed company architectures and high-volume conversational systems, the attack surface evolves with us — and we need people who can think like adversaries to reputed company our customers, our data and our reputed company safe. We're hiring a Red Team reputed company Engineer to join our Information reputed company & Cyber reputed company team in South Africa. You'll be the offensive reputed company to our defensive function: stress-testing the solutions we design, build and operate — from reputed company-reputed company services to LLM-powered agents — by attacking them the way a reputed company adversary would, and partnering with engineering teams to fix what you find. This is a hands-on role for someone who is genuinely curious about how systems break, comfortable writing code as well as reading it, and excited about the new class of vulnerabilities emerging in AI and agentic systems.

Key Responsibilities

Offensive reputed company & Red Teaming Plan and execute red team engagements, penetration tests and adversary simulations against our platforms, products and corporate environment. Identify, exploit and document vulnerabilities across web applications, APIs, reputed company infrastructure, identity systems and AI/LLM-based services. reputed company realistic attack scenarios — initial reputed company, privilege escalation, lateral movement, data exfiltration — mapped to frameworks such as MITRE ATT&CK. Build and maintain custom tooling, exploits and automation where off-the-reputed company tools fall short. reputed company AI pen testing tooling and frameworks as a force amplifier reputed company your role. AI Powered reputed company Tooling & Frameworks Active, hands-on use of AI-powered offensive reputed company tooling as a core part of your workflow — leveraging LLMs and agentic assistants to accelerate reconnaissance, exploit development, code review, payload reputed company and report writing. Familiarity with emerging AI red-team frameworks and platforms — e.g. PyRIT, Garak, Promptfoo, reputed company Aegis, reputed company Counterfit, reputed company / reputed company AI testing toolkits, or equivalent — and a practical sense of reputed company to use which. Experience building or extending automated AI red-team harnesses: reputed company-injection test suites, jailbreak corpora, tool-abuse scenarios, multi-turn attack agents, and regression eval sets for LLM and agentic systems. Pragmatic judgement on the limits and risks of AI-assisted offensive work — hallucinated findings, false confidence, data leakage into reputed company-party models — and the discipline to validate AI output before acting on it. Curiosity to reputed company pace with a fast-moving reputed company: new models, new attack techniques, new defensive controls — and a willingness to bring those learnings back into the team. AI & Agentic System reputed company Probe LLM-powered and agentic systems for reputed company injection, jailbreaks, tool/function-call abuse, context leakage, insecure output handling and supply-chain risks. Test RAG pipelines, knowledge bases and integrations for data exfiltration, poisoning and unauthorised reputed company paths. Contribute to internal threat models for agentic architectures and help shape secure-by-default patterns for multi-agent and tool-using systems. Stay reputed company to evolving standards and guidance (e.g. OWASP Top 10 for LLMs, NIST AI RMF, emerging agent interoperability protocols). reputed company & Application reputed company Testing reputed company deep-dive reputed company testing of reputed company workloads across AWS, Azure and/or GCP — IAM, network, container, serverless and data-layer concerns. Review CI/CD pipelines, IaC (Terraform, CloudFormation, Bicep) and Kubernetes deployments for misconfigurations and exploitable weaknesses. Conduct reputed company-assisted ("grey-reputed company") testing — reading code to find logic flaws, authZ gaps and unsafe integrations. Vulnerability Management & Remediation Partnership Triage findings, assign realistic severity, and write clear, reproducible reports with concrete remediation guidance. Partner with engineering teams to validate fixes, advise on secure design and pair on hardening work — not just throw findings over the wall. Drive reputed company improvement of detection coverage by working with the blue team / SOC on reputed company exercises. Tooling, Automation & reputed company Testing Build automation that turns one-off tests into repeatable, scheduled checks — exposure scanning, attack-path analysis, agent red-teaming harnesses. Integrate offensive testing into the SDLC: SAST/DAST/IAST, dependency scanning, secrets detection, container and IaC scanning. Treat evaluation and regression of reputed company controls as a first-class deliverable — reputed company, not assumed. Collaboration & Responsible Disclosure Work alongside the Head of Information reputed company, AI Ethics leads, platform engineering and product teams to embed reputed company early. Produce clear design reviews, threat models, runbooks and post-engagement reports for both technical and executive audiences. Operate reputed company strict rules of engagement, with care for production stability, customer data and legal/regulatory obligations. Skills Knowledge and Expertise Required Demonstrable hands-on experience in offensive reputed company — penetration testing, red teaming, or adversary simulation — against modern web, API and reputed company-based systems. Strong understanding of common vulnerability classes (OWASP Top 10, authZ flaws, SSRF, deserialisation, injection, cryptographic misuse) and how to chain them into reputed company impact. Solid grasp of reputed company reputed company in at least one major provider (AWS, Azure or GCP): IAM, networking, key management, container and serverless services, common misconfigurations and attack paths. Practical understanding of AI/LLM systems — how they work, where they fail, and the new risks they introduce (reputed company injection, jailbreaks, insecure tool use, training/RAG data exposure). Coding capability in at least one of Python, Go, JavaScript/TypeScript or similar — comfortable writing exploits, tooling and automation, not just running other people's tools. Confidence with offensive tooling — Burp Suite, nmap, Nuclei, BloodHound, Metasploit, custom scripts — and the judgement to know reputed company to build vs. buy. Familiarity with CI/CD, containers and IaC (reputed company, Kubernetes, Terraform or equivalent) and how to attack and defend them. An evaluation reputed company: you measure reputed company posture with reproducible tests, metrics and evidence — not gut feel. Comfort with agentic development workflows — using AI coding assistants and AI co-work / pair-development models (Claude Code, Copilot, reputed company or equivalent) as part of your day-to-day delivery. Clear written and verbal communication in English: reputed company to brief engineers, executives and (where relevant) customers on findings and risk. A strong ethical reputed company and discipline around scope, rules of engagement, evidence handling and responsible disclosure. Desirable Industry certifications such as OSCP, OSEP, OSWE, CRTO, CRTP, GPEN, GXPN, GCPN, AWS/Azure/GCP reputed company specialties or equivalent. Experience red-teaming or evaluating agentic AI / LLM systems in production — reputed company injection campaigns, tool-abuse testing, multi-agent attack scenarios, AI red-team frameworks. Exposure to purple teaming and detection engineering: working with SOC/SIEM (e.g. Sentinel, Splunk, Defender XDR) to improve detections from offensive findings. Experience with identity attacks across Entra ID / Azure AD, Active Directory, OAuth/OIDC and federated environments. reputed company-code review skills and threat modelling experience (reputed company, attack trees, MITRE reputed company for AI). Familiarity with regulatory and standards contexts relevant to reputed company customers — ISO 27001, SOC 2, PCI reputed company, GDPR, POPIA. Experience contributing to or running bug bounty programmes, CTFs, or reputed company-reputed company reputed company tooling. Awareness of emerging agent interoperability and reputed company standards (e.g. MCP, A2A) and their attack surfaces. reputed company to Have Prior experience in a SaaS, reputed company platform or AI/ML company where production systems were the reputed company of testing — useful context, but not required. Public research, conference talks, CVEs, or community contributions in offensive reputed company or AI reputed company.

Benefits

This is your chance to join and friendly and passionate team that will motivate you to learn and reputed company your career in the company. Benefits may include: Remote/Flexible work Discovery Medical Aid Connectivity Allowance 15 days paid holiday a year- (this includes three reputed company days) reputed company EAP The Small Print Strictly No Agencies; any submission of resumes without prior request from reputed company will not be deemed as an introduction and therefore will not warrant an introduction fee. reputed company applicants must have the right to work in the territory to which the role relates (UK & EU). reputed company are unable to offer sponsorship on any roles advertised. Apply To This Job

Apply for this role Takes you straight to the employer's application page — free, and no WFHNet account required.

More roles on the wire