This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Offensive Security Lead based in United Kingdom.
As an Offensive Security Lead, you will play a key role in strengthening the security of a cutting-edge cloud platform that supports advanced AI workloads. This hands-on leadership position combines technical expertise with team management, giving you the opportunity to build and lead an internal red team from the ground up. You will conduct sophisticated adversarial simulations, penetration testing, and offensive research to uncover critical vulnerabilities across cloud infrastructure and AI environments. Working closely with security engineering and detection teams, you will help improve resilience through collaborative security initiatives and actionable recommendations. This role offers the chance to tackle highly complex attack surfaces while shaping offensive security strategy in a fast-paced, remote-first environment focused on innovation and continuous improvement.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Offensive Security Lead based in United Kingdom.
As an Offensive Security Lead, you will play a key role in strengthening the security of a cutting-edge cloud platform that supports advanced AI workloads. This hands-on leadership position combines technical expertise with team management, giving you the opportunity to build and lead an internal red team from the ground up. You will conduct sophisticated adversarial simulations, penetration testing, and offensive research to uncover critical vulnerabilities across cloud infrastructure and AI environments. Working closely with security engineering and detection teams, you will help improve resilience through collaborative security initiatives and actionable recommendations. This role offers the chance to tackle highly complex attack surfaces while shaping offensive security strategy in a fast-paced, remote-first environment focused on innovation and continuous improvement.
Accountabilities
- Build, lead, and mentor an internal red team while establishing scalable offensive security practices and methodologies.
- Design, execute, and continuously improve penetration testing and adversarial simulation programs across cloud infrastructure, AI platforms, networking, storage, orchestration, and internal systems.
- Validate and enhance Secure SDLC threat models through continuous security assessments, automating routine validations where appropriate.
- Conduct advanced red team engagements to identify vulnerabilities affecting business-critical systems and collaborate with detection and response teams during purple team exercises.
- Research emerging attack techniques targeting GPU infrastructure, AI inference platforms, virtualization, tenant isolation, and cloud-native technologies.
- Perform security assessments of new products and infrastructure changes before release to identify and mitigate risks early.
- Deliver clear, prioritized reports with practical remediation guidance for both technical teams and senior stakeholders.
- Continuously improve offensive security tooling, processes, and capabilities to support a rapidly evolving technology environment.
- 6+ years of experience in offensive security, penetration testing, red teaming, or adversary simulation, including previous leadership or mentoring responsibilities.
- Strong expertise in attacking cloud-native environments, including Kubernetes, cloud identity and access management, virtualization, container security, and privilege escalation techniques.
- Deep understanding of the full attack lifecycle, including initial compromise, persistence, lateral movement, privilege escalation, and data exfiltration.
- Proficiency in developing offensive security tools or automation using languages such as Python, Go, or similar.
- Experience planning and executing purple team exercises while working collaboratively with defensive security teams.
- Excellent analytical, communication, and reporting skills, with the ability to present technical risks in a business-focused manner.
- Experience with AI infrastructure, GPU clusters, reverse engineering, exploit development, application security, kernel exploitation, vulnerability research, cloud internals, or security research presentations is considered an advantage.
- Competitive compensation package.
- Equity participation opportunities.
- Fully remote and flexible working environment.
- High level of ownership and autonomy.
- Career development and continuous learning opportunities.
- Collaborative international team working on innovative AI infrastructure.
- Opportunity to build a security function from the ground up and make a lasting impact.
- Exposure to complex, large-scale cloud and AI security challenges.