Companies Ajaib Offensive Security Engineer/Lead

About the role

Ajaib · Onsite

As the Offensive Security Engineer/Lead, you will spearhead our adversarial simulation, penetration testing, and vulnerability research programs to proactively identify and neutralize security weaknesses. Reporting directly to the Head of Security, you will design and execute sophisticated Red Team campaigns, simulate real-world cyber adversary behaviors, and validate our detection capabilities. You will be responsible for operationalizing threat intelligence by mapping all simulation activities directly to the MITRE ATT&CK framework and the Lockheed Martin Cyber Kill Chain. 

Key Responsibilities

  • Offensive Security Program Leadership: Define the strategy, scope, and execution roadmap for enterprise-wide penetration testing, red teaming, and adversary simulation exercises.
  • Adversary Simulation & MITRE Mapping: Design and execute complex, multi-stage red team operations that emulate real-world Threat Actors and Advanced Persistent Threats (APTs), meticulously mapping techniques to the MITRE ATT&CK Framework.
  • Cyber Kill Chain Validation: Evaluate the efficacy of our security posture across every phase of the Lockheed Martin Cyber Kill Chain (Reconnaissance to Actions on Objectives), identifying gaps in boundary defenses and internal monitoring.
  • Purple Teaming Collaboration: Partner closely with the Blue Team (SOC and Incident Response) to conduct Purple Team exercises, using simulation data to refine detection engineering, SIEM alerts, and response playbooks.
  • Vulnerability Exploitation & Reporting: Safely exploit vulnerabilities across network infrastructure, cloud environments, and applications. Translate complex technical proof-of-concepts into actionable, risk-prioritized remediation reports for engineering teams.
  • Tooling Innovation: Oversee the development, deployment, and safe operation of proprietary offensive security tools, scripts, and command-and-control (C2) frameworks.

Requirements

  • Experience: 8+ years of dedicated technical experience in offensive security, ethical hacking, or penetration testing, with at least 2+ years leading a red team or offensive security function.
  • Framework Expert: Mastery of the MITRE ATT&CK matrix (Enterprise, Cloud, and Mobile) and deep conceptual understanding of the Lockheed Martin Cyber Kill Chain methodology.
  • Technical Environment: Proficient with commercial and open-source offensive tools (e.g., Cobalt Strike, Burp Suite, Metasploit) and deep familiarity with cloud-native security landscapes (AWS, GCP, or Azure).
  • Scripting & Exploitation: Strong scripting/programming skills (e.g., Python, Go, PowerShell, Bash) to automate attacks, bypass security controls, and develop custom exploits.
  • Certifications: Possession of advanced offensive security certifications such as OSCE, OSEP, OSWE, GXPN, or CRTO (Certified Red Team Operator) is highly preferred.
  • Communication: Exceptional communication skills with a proven track record of explaining complex attack vectors and business impacts to both deeply technical engineers and non-technical business executives.

Benefits

Join us as we make magic happen to increase Indonesia’s financial inclusion!

Ready to apply to Ajaib?
Apply to Ajaib

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free