Requirements: English
Company: Satispay
Region: Milan , Lombardy
At Satispay, we are not just reimagining payments; we are pioneering a movement towards simplicity and accessibility. Picture yourself at the forefront of innovation, leading the way in revolutionizing payments and beyond! Join a vibrant community of like-minded individuals across Europe, driven by a shared vision: simplifying payments to improve everyone''s lives.Are you ready to be part of something bigger? Satispay is the place for you! Come be part of our dynamic team and help us shape the future of payments in Europe.Join us as an Offensive Security Engineer and let''s make magic happen together.Role OverviewAs an Offensive Security Engineer, you will play a key role in securing our cloud infrastructure, mobile, and web applications through internal penetration testing and adversary simulations. You will focus on identifying security weaknesses in our Android and iOS apps, backend services, and cloud infrastructure, working closely with the Blue Team, Cloud Development, and Product teams to enhance security.This role requires expertise in mobile security testing, including the ability to use dynamic instrumentation tools to analyze and manipulate app behavior at runtime.Your mission :Penetration testing: Perform penetration testing on mobile (iOS & Android) and web applications to identify vulnerabilities across platforms.Dynamic instrumentation: Use tools like Frida to bypass security controls and analyze mobile app behavior at runtime to uncover hard-to-detect security flaws.Adversary simulations: Simulate real-world attack scenarios to identify weaknesses and improve detection and mitigation capabilities.Red Team methodology: Develop and maintain red team testing methodologies, ensuring effective reporting and vulnerability remediation tracking.Collaboration with Blue Team: Partner with the Blue Team to enhance detection tools like Splunk and improve overall security posture.Reporting and stakeholder collaboration: Provide detailed reports of findings and collaborate with internal stakeholders to ensure timely remediation.Technical guidance and training: Train developers and security engineers on security best practices to strengthen overall security practices.Knowledge integration: Stay current with mobile security threats and offensive techniques, integrating them into testing strategies to stay ahead of risks.Your ideal profile :Penetration testing and Red Team experience: 3 years in penetration testing, red teaming, or offensive security.Mobile app security expertise: Knowledge of mobile application security for Android and iOS, including reverse engineering, hooking, and runtime manipulation techniques.Cloud security knowledge: Understanding of cloud security (AWS) and common misconfigurations or attack vectors.Dynamic instrumentation proficiency: Experience with tools like Frida for testing and manipulating mobile apps at runtime.Web application security: Familiarity with OWASP Top 10, API security, authentication & authorization flaws.Threat intelligence: Knowledge of threat modeling, adversary tactics (MITRE ATT&CK framework), and red team operations.Communication skills: Excellent written and verbal communication skills for technical reporting and stakeholder collaboration.Static and dynamic application security testing: Experience with SAST and DAST methodologies.CI / CD Security and DevSecOps: Familiarity with integrating security into development pipelines.Automating security assessments: Experience with scripting and tooling for automation.We value diversity and encourage you to apply even if you don''t meet every skill listed above. Your passion and unique strengths could be the missing piece to our puzzle!Your perks as a SatispersonJoin an international team to grow withFuel your day with meal vouchersAccess Preply''s language platform to expand your language skillsBenefit from a 1.2k company welfare budgetOwn part of Satispay''s success with our Stock Option PlanGear up with our tech equipmentParticipate in team-building events, parties, trips, and more!Our selection processIncludes a call with our Talent Acquisition Team, a technical evaluation, and a final in-person meeting. Your recruiter will share more details during your first contact.Equal Opportunity EmployerAt Satispay, we celebrate diversity and inclusion. We welcome individuals of all backgrounds, regardless of race, color, religion, sex, gender identity, sexual orientation, or national origin. Join us in a workplace where everyone belongs!Learn More About UsExplore our core values here.#J-18808-Ljbffr