Red Team Engineer

At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.

We believe the future of payments is shaped by people who think big, take ownership, and bring curiosity and drive to everything they do. That’s exactly the kind of teammates we want on board.

We’re building the #1 payment orchestrator in the world — and the names behind us prove it. Clients include Bolt, Ajax, Nova Post, MEGOGO. Trusted by giants like J.P. Morgan. Ranked #2 in the “Employer of the Year 2026” award by Forbes Ukraine.

The platform processes millions of payments across 120+ services - 70+ of which touch cardholder data directly - and the attack surface grows with every new integration. This role exists to run continuous adversary emulation against that surface: finding real attack paths before attackers do, and making sure the blue team can detect and stop them. It's offensive security with a clear mission, not a checkbox exercise.
Explore our technology stack ➡️ here.

• Plan and execute full-scope red team operations across external perimeter, web/API, AWS infrastructure, corporate identity providers, and human attack vectors (phishing, social engineering)

• Build and run external testing programs - structured pentests and a bug bounty program with defined scope, rules of engagement, and triage process

• Run purple team cycles with the SOC: exercise specific techniques together, assess detection coverage, and hand off concrete recommendations for improving detection use cases

• Deliver risk-ranked reports with realistic impact analysis - written for both engineers and management - and track findings through remediation to revalidation

• Develop custom offensive tooling and automate repeatable test scenarios so coverage scales without bottlenecking on manual effort

• Validate that security controls actually work in the environment where they're deployed, not just in theory

• 4+ years in offensive security, penetration testing, or red team operations - with real engagements in production environments, not just labs or CTFs

• Hands-on red team / adversary emulation experience mapped to MITRE ATT&CK - end-to-end operations, not automated scanning

• Web and API exploitation beyond automated tools: manual techniques, OWASP Top 10 at the exploitation level

• Cloud attack experience, primarily AWS: IAM abuse, privilege escalation, misconfiguration exploitation, CI/CD pipeline attacks

• Scripting and tool development in Python, Go, or Bash/PowerShell for custom scenarios and automation

• Strong written reporting: you can explain an attack path and its business impact to a CISO and to an engineer, in the same document

• High operational discipline: OPSEC, ethics, and rules of engagement in environments with sensitive financial data

• Purple teaming experience and enough detection knowledge to translate an attack into a detection use case for the SOC

• Secure code review and exploit development for specific scenarios rather than generic vulnerability classes

• Familiarity with payment domain specifics: card processing flows, PCI DSS scope, SWIFT

• Contributions to open-source offensive tooling, published research, or CVEs

• You'll own the offensive security direction at Solidgate from scratch - adversary emulation program, tooling, bug bounty, and purple team cadence are yours to define

• The attack surface is genuinely complex: AWS-native infrastructure, 120+ microservices, a proprietary acquiring module, and regulated payment data flows

• Your findings directly change architecture decisions and engineering practices - not just a backlog of low-priority tickets

• You'll develop on the intersection of offensive security, cloud-native environments, and detection engineering through real purple team collaboration

• Regulated fintech red team experience at this scale is rare - this engagement belongs on a short list of defining career moves in the field

Impactful work: you're testing financial infrastructure that processes millions of real payments - not a sandbox. What you find and fix directly affects the company's risk profile and the businesses relying on the platform.

Creative freedom: the offensive security program is greenfield. No inherited methodology, no legacy tooling, no scope decisions made by someone who left two years ago. You design the adversary emulation program from scratch.

Career growth: a realistic path to leading the Offensive Security function within 6-12 months, with direct collaboration with a CISO who came up through the technical side. Want to go deeper into cloud attack research or detection engineering? That door is open.

Ownership culture: you own engagements end to end - scoping, execution, reporting, remediation tracking, and revalidation. No hand-offs to a PM, no findings that disappear into a backlog.

People worth working with: a senior InfoSec team that takes security seriously and treats offensive findings as engineering inputs, not audit outcomes. Smart, experienced teammates who raise the bar and actually have each other's backs.

The extras: 30+ days off, unlimited sick leave, free office meals, health coverage, and Apple gear. Courses, conferences, and wellness benefits - all there when you need them.

The best red teamers want a target worth attacking. This is it.
🫂 Know top talent? We’re always on the lookout. Refer someone for our role, and if they get hired, there’s a bonus waiting for you — simple as that.