Skip To Main Content
backBack to Search

Senior APT & Automated Validation Engineer

Remote in Georgia, & 2 others
Security.Testing& 8 others
Looking for something else?

Find a vacancy that works for you. Send us your CV to receive a personalized offer.

Find me a job

We are seeking a Senior APT & Automated Validation Engineer who is more than a pentester—a developer who understands how to orchestrate, script and chain network and web app exploits so they run autonomously. In this role, you will engineer automated exploit scripts, configure continuous validation frameworks and safely validate vulnerabilities across live infrastructure.

Responsibilities
  • Sequence vulnerabilities together to achieve advanced outcomes, such as pairing a low-severity information disclosure with an SSRF to achieve Remote Code Execution
  • Develop custom exploits and automate complex multi-stage authentication scripts, handling OAuth, TOTP and MFA programmatically
  • Configure and scale continuous automated security validation tools
  • Engineer automated exploit scripts that safely validate vulnerabilities without crashing live network infrastructure or corrupting production databases
  • Apply intimate knowledge of the OSI model and core network protocols to orchestrate network and web app exploits
  • Design threat models to guide validation strategies
  • Manage vulnerabilities across production environments
  • Leverage cyber threat intelligence to inform exploit chaining and validation efforts
Requirements
  • 3+ years of experience in penetration testing, exploit development or automated security validation
  • Deep understanding of how to sequence vulnerabilities together to achieve outcomes such as Remote Code Execution
  • Strong proficiency in Python, Go and Bash to write custom exploits and automate multi-stage authentication scripts
  • Experience configuring and scaling continuous automated security validation tools such as Pentera, Cymulate and Picus
  • Intimate knowledge of the OSI model, core network protocols such as DNS, BGP and TCP/IP
  • Understanding of web application vulnerabilities including OWASP Top 10 and API flaws like IDOR
  • Proven ability to engineer automated exploit scripts that can safely validate vulnerabilities without crashing live infrastructure or corrupting production databases
  • Skills in cyber threat intelligence, threat modeling and vulnerability management