Security Engineer - Red Team

🇧🇬 Bulgaria - Remote
🔒 Cybersecurity🔵 Mid-level

Job description

About Workato

Workato transforms technology complexity into business opportunity. As the leader in enterprise orchestration, Workato helps businesses globally streamline operations by connecting data, processes, applications, and experiences. Its AI-powered platform enables teams to navigate complex workflows in real-time, driving efficiency and agility.

Trusted by a community of 400,000 global customers, Workato empowers organizations of every size to unlock new value and lead in today’s fast-changing world. Learn how Workato helps businesses of all sizes achieve more at workato.com.

Why join us?

Ultimately, Workato believes in fostering a flexible, trust-oriented culture that empowers everyone to take full ownership of their roles. We are driven by innovation and looking for team players who want to actively build our company.

But, we also believe in balancing productivity with self-care. That’s why we offer all of our employees a vibrant and dynamic work environment along with a multitude of benefits they can enjoy inside and outside of their work lives.

If this sounds right up your alley, please submit an application. We look forward to getting to know you!

Also, feel free to check out why:

  • Business Insider named us an “enterprise startup to bet your career on”

  • Forbes’ Cloud 100 recognized us as one of the top 100 private cloud companies in the world

  • Deloitte Tech Fast 500 ranked us as the 17th fastest growing tech company in the Bay Area, and 96th in North America

  • Quartz ranked us the #1 best company for remote workers

Responsibilities

Join our Product Security team as a Security Engineer - Red Team and help secure the future of AI automation through offensive security operations.

This is a remote position in either Spain or Portugal. You’ll simulate real-world adversarial attacks against our cloud architecture, AI model endpoints, and complex multi-tenant SaaS platform while playing a key role in strengthening our defenses during our Agentic AI Transformation.

You will play a pivotal role in identifying security weaknesses, validating defensive capabilities, and improving our security posture through adversarial testing. Your findings will directly influence product security architecture and drive security improvements across a diverse set of customer deployments. Key responsibilities include:

  • Adversarial Exercises and Penetration Testing: Conduct red team exercises and penetration tests to simulate real-world attacks and validate defensive controls

  • Exploitation and Vulnerability Research: Perform vulnerability research and exploitation to validate attack paths and contribute to the security community

  • Threat Modeling and Attack Simulation: Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategies

  • SecOps and Bug Bounty Collaboration: Partner with Security Operations and Bug Bounty teams to enhance detection, response, and organizational resilience

  • External Testing Coordination: Coordinate external red team and penetration testing engagements and third-party security assessments

  • Security Automation and Tooling: Develop automated tools and frameworks to scale offensive security operations across systems and applications

  • This role offers the opportunity to conduct offensive security research against mission-critical systems deployed globally while working with AI and cloud technologies. If you’re passionate about thinking like an attacker to build stronger defenses, this role could be perfect for you.

Requirements

Qualifications / Experience / Technical Skills

  • Bachelor’s degree in Computer Science, Cybersecurity, or related technical field
  • 5+ years in cybersecurity with a focus on offensive security, penetration testing, or red team operations
  • Advanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent)
  • Deep expertise in cloud security testing, particularly AWS environments
  • Proficiency in exploitation frameworks and tools (Nuclei, Metasploit, Burp, Cobalt Strike, custom tooling)
  • Scripting and automation skills (Python, Go, Bash, or similar)
  • Hands-on experience with vulnerability research and exploit development
  • Knowledge of threat modeling methodologies and attack path analysis

Preferred Qualifications:

  • AI/ML security testing experience
  • Experience with social engineering and phishing campaigns
  • Advanced security certifications (GCFA, GCIH, GIAC, CRTO, CRTE)
  • Experience with threat intelligence and adversary emulation frameworks (MITRE ATT&CK)
  • Active participation in the security research community and CVE discoveries
  • Knowledge of compliance frameworks and vendor relationship management

(REQ ID: 2219) This is one role we are advertising in multiple different countries

Share this job:
Please let Workato know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Workato logo

Workato

AI-powered enterprise automation

  • 501-1000 employees
  • Founded in 2013
  • 28 remote jobs
View all jobs

Latest Jobs at Workato

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply