Red Team Security Engineer - Prishtine, Kosovo

At Wasabi, we’re a proven collection of pioneers, visionaries and disruptive doers. We see things differently than our competitors, and we make our mark in the industry by challenging the norm and delivering the unexpected and improbable. We’re a fast-growing company taking the Cloud Storage industry by storm and recognized as one of the best places to work in Boston. 

Wasabi hot cloud storage is a new class and category of cloud storage, breaking all traditional barriers and boundaries of storage with a disruptive value proposition of being 1/5th the cost of AWS S3, faster than the competition, with no fees for egress or API request and delivered as a single-tier solution. Cloud storage has never been so simple, so fast and so inexpensive. It’s all part of our vision to make cloud storage the next great global utility, just like electricity.

Role Description: Red Team Security Engineer 

Role Purpose:  

As a Red Team Security Engineer, you will play a critical role in adversary emulation, offensive security, security operations and other security-related engineering projects to proactively identify and mitigate threats to Wasabi Cloud Storage Platform. You will conduct full-scope Red Team engagements, penetration tests, and attack simulations while also contributing to the Wasabi Security Team in Security Network Operations Center (SNOC) activities, and other security-related engineering activities, including threat hunting, incident analysis, and detection engineering. By leveraging deep expertise in cloud security, Kubernetes, API exploitation, and adversary tactics, you will help strengthen Wasabi’s security posture by continuously testing and refining defenses. Your role requires a balanced approach by combining offensive security skills with defensive collaboration, ensuring Wasabi is well-prepared against real-world cyber threats. 

*Principals only. No recruiters.

Responsibilities:

• Conduct full-scope Red Team engagements, including network, application, cloud infrastructure attacks, and API/Web security assessments. 
• Simulate real-world threats against AWS, Azure, and GCP, focusing on IAM, S3, storage misconfigurations, and API abuse. 
• Exploit vulnerabilities in web applications, APIs, identity systems, and other systems. 
• Test containerized environments (Docker, Kubernetes, ECS, EKS) for security gaps. 
• Perform lateral movement, privilege escalation, and persistence techniques in cloud and other environments. 
• Bypass WAFs, EDR/XDR, and SIEM detection to test various security posture gaps. 
• Conduct social engineering and phishing campaigns to evaluate employee security awareness. 
• Develop and use custom tooling, scripts, and payloads for offensive security testing. 
• Provide and work on detailed reports with technical findings, remediation recommendations and be able to present the findings to other peers in a concise and clear way. 
• Collaborate with Blue Teams, SOC analysts, security architects, operations and, development teams to improve detection and response strategies. 
• Stay updated with latest exploits, vulnerabilities, cloud security threats, and TTPs. 
• Conduct threat hunting in cloud environments by analyzing logs, behavioral analytics, and SIEM detections. 
• Perform forensic analysis on cloud-based attacks, identifying indicators of compromise (IoCs) and TTPs used by adversaries. 
• Collaborate and work in SOC analysis, blue teams, and operations team to improve attack detection, logging and alerting. 

Requirements:

• 5+ years of experience in Penetration Testing, Offensive Security or Red Teaming. 
• Strong expertise in AWS, Azure, or GCP security, including IAM, S3, API Gateway, and Kubernetes security. 
• Hands-on experience with general, cloud, and app exploitation tools such as. Burp Suite, Metasploit, Pacu, Stratus Red Team, CloudFox etc. 
• Proficiency in Python, Go, C, Bash, and PowerShell for automating attacks and exploit development. 
• Familiarity with Red Team C2 frameworks such as Sliver, Mitre ATT&CK Caldera, or Cobalt Strike. 
• Experience in bypassing security controls, including WAFs, AV/EDR, and logging mechanisms. 
• Understanding data exfiltration techniques, covert channels, and cloud-based persistence. 
• Knowledge of MITRE ATT&CK Cloud Matrix and real-world adversary tactics. 
• Certifications such as OSCP, OSEP, CRTO etc. (preferred but not required). 
• Knowledge of SIEM/SOC operations, including log analysis, alert triage, and detection engineering. 

Soft Skills: 

Humble and collaborative: Open to learning, sharing knowledge, and working with others. 

Approachable and team-oriented: Comfortable working with developers, operations, blue teams, and leadership. 

Strong communication skills: Ability to explain technical findings to both technical and non-technical audiences. 

Curious and innovative: Always looking for new attack vectors, tools, libraries, programming knowledge and creative solutions (looking outside the box). 

Ethical and responsible: Ensures security testing is safe, controlled, within the scope, and aligned with company policies. 

Analytical and detail-oriented: Able to think like an attacker while also identifying detection gaps. 

Wasabi Technologies is an Equal Opportunity Employer. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.