Security Researcher

Security Joes is looking for a Security Researcher to join our Red Team.

You’ll execute multi-layered offensive projects, define engagement methodologies, maintain internal tools and code repositories, and collaborate closely with our MDR and Incident Response teams to simulate the real thing - not the checkbox kind.

Our Red Team is a global, multidisciplinary crew of researchers fluent in the language of exploits, evasion, and adversary simulation. We’ve dropped reports, CVEs, and threat intel that moved the industry needle - and we’re just getting started.

What You’ll Do

Red Teaming, but modernized

• Conduct web, mobile, infrastructure, and cloud pentests that go beyond scanner output- our customers can run the tools themselves; they value us because we understand scanners’ limits and catch what tries to slip through.
• Plan and lead Red Team projects- from phishing and developing C2s to persistence and defense evasion- simulating realistic, multi-vector attacks and applying knowledge of modern technology stack and EDR operation.
• Design and develop internal tools, payloads, and automation frameworks to accelerate operations and reduce repetitive manual work.
• Conduct security research and contribute to the community through technical blog posts, responsible disclosures, and conference talks.

We appreciate if you can

• Write clear, narrative-driven reports that tell the story behind the breach- from entry to impact.
• Present findings and risk assessments to both technical and executive audiences, translating technical results into real business impact and actionable security improvements for their unique environment.
• Write code in Python/Go, PowerShell/Bash and C#/.NET to contribute to the team’s arsenal of in-house tools and proof-of-concepts.
• Read code in Java, JavaScript, PHP, Ruby, SQL
• Integrate AI into daily red-team automations- plug large-language-model (LLM) helpers into your routine so common tasks get faster and more consistent, while staying within ROE and privacy rules.

You Bring

• 4+ years in offensive security (Red Teaming, Penetration Testing, or Exploit Research).
• Demonstrated expertise in planning, executing, and documenting Red Team engagements, with a proven track record of uncovering vulnerabilities and providing valuable insights.
• Strong understanding of modern attack surfaces: on-prem, cloud, containers, CI/CD, and authentication frameworks, including AI & MCP related threats.
• Bachelor's degree in Computer Science OR Offensive Security certifications such as OSCP, OSCE, or other relevant certifications - an advantage.
• Excellent written and spoken English; storytelling ability a bonus.
• Passion for learning, breaking, building, and breaking again.

Security Joes is a leading provider of MDR (Managed Detection & Response) including high-end Incident Response (IR) and forensics investigations, red team activities, adversary simulations and tailored security project. Experts from around the world, unlimited to location, language or culture are part of our highly skilled team and we are constantly looking to grow.

Apply today to get a unique opportunity to join the JOES!