PlexTrac

Offensive Security Engineer (Red Team)


4h ago

Offensive-Security, Red-Team, Penetration-Testing, Cloud-Security, Cybersecurity-Engineering, Senior

Job Description

About PlexTrac

PlexTrac is a cybersecurity SaaS platform helping security teams streamline reporting, exposure management, and remediation workflows. Our platform is used by penetration testers, red teams, consultants, enterprises, and managed security providers to operationalize security findings and improve collaboration across technical and executive stakeholders.

We are a remote-first company headquartered in the United States with distributed team members across North America, Europe, and Asia. We are committed to ownership, transparency, practical problem-solving, and building products that customers genuinely rely on.

Why This Role Matters

We build security software that helps companies protect their data. To make our product stronger, we are looking for Offensive Security Engineers (Red Team) who think like attackers. You will find weaknesses before the bad guys do, report what you find clearly, and work with our engineering team to fix it. This is a hands-on role with real influence on how we build and ship securely.

Location: Remote — India only.

Responsibilities

- Plan and execute red team engagements across our cloud infrastructure (AWS/GCP/Azure), internal networks, web applications, and SaaS product
- Simulate realistic attack chains — from initial access through lateral movement, credential harvesting, privilege escalation and data exfiltration — using current threat actor techniques
- Conduct assumed breach scenarios, purple team exercises, and objective-based engagements, not just point-in-time pen tests
- Assess cloud-specific attack surfaces: IAM roles and policies, storage misconfigurations, serverless functions, container workloads, and CI/CD pipelines
- Test Active Directory and hybrid identity environments for common and advanced attack paths
- Perform web and API application testing against our core product, including authentication flaws, authorization bypasses, and business logic vulnerabilities
- Build, customize, and maintain offensive tools, scripts, and C2 infrastructure to support engagements
- Develop and manage red team infrastructure — attack servers, redirectors, phishing platforms, and operational security controls
- Create and maintain repeatable testing methodologies and internal playbooks the team can use and build on
- Evaluate and improve detection coverage by working closely with our blue team — identify what's being caught, what isn't, and why
- Write detailed reports that document attack paths, evidence, business impact, and remediation steps — clearly enough that an engineer can act on them without follow-up questions
- Present findings to both technical teams and non-technical stakeholders, including leadership
- Track remediation progress and validate that fixes actually close the identified gaps — not just check a box
- Help define the scope, methodology, and maturity of our red team program as we scale
- Contribute to internal security standards, threat models, and secure design reviews
- Mentor junior team members and support knowledge sharing across the security org

Qualifications

- 4+ years of hands-on experience in offensive security, penetration testing, or a red team role
- Demonstrated ability to attack and assess cloud environments — AWS, GCP, and Azure — including IAM abuse, privilege escalation, and misconfiguration exploitation
- Hands-on experience with container and Kubernetes security (EKS, GKE, AKS)
- Experience testing hosted and on-prem infrastructure: servers, VPNs, Active Directory, and internal networks
- Working knowledge of web application attack techniques (OWASP Top 10 and beyond)
- Familiarity with MITRE ATT&CK and how to map findings to real-world threat behavior
- Experience writing clear, well-organized findings reports for both technical and non-technical readers
- Ability to explain technical risk to people who are not security experts
- Comfort working independently and managing your own workload

Nice to Have

- Experience testing SaaS products or multi-tenant cloud architectures
- Scripting or coding ability in Python, Bash, or PowerShell
- Familiarity with C2 frameworks such as Cobalt Strike, Brute Ratel, or Sliver
- Experience with phishing simulations and social engineering engagements
- Certifications such as OSCP, CRTO, CRTE, CPTS, or equivalent hands-on credentials

Tech Stack

Cloud and hosted environments, modern SaaS infrastructure, enterprise security controls, and offensive security tools for vulnerability testing and threat simulation.

Work Style

We operate as a remote-first, distributed team with a strong asynchronous culture. We value thoughtful communication, autonomy, and collaboration, with core working hours that partially overlap with U.S. Eastern Time.

Employees are administered through our EOR partner: Remote.

We’re committed to building an inclusive workplace where people from all backgrounds can thrive. We welcome applicants regardless of race, ethnicity, religion, gender identity, sexual orientation, age, disability, or background.

If you require accommodations during the interview process, please let us kno