Senior Offensive Security Engineer
We are looking for a Senior Offensive Security Engineer who will identify weaknesses before attackers do, put our products and infrastructure to the test, and help make our game services secure, resilient, and reliable for players.
What you will do:
Offensive Security & Penetration Testing
- Conduct end-to-end penetration testing of web applications, APIs, internal and external infrastructure, cloud environments, and Kubernetes clusters
- Perform vulnerability assessments and identify security weaknesses across products, infrastructure, and cloud environments
- Simulate real-world attack scenarios, including privilege escalation, lateral movement, persistence, and attack path analysis
- Participate in red team exercises and offensive security initiatives
- Assess the security of cloud-native services, CI/CD pipelines, containerized environments, and infrastructure as code
- Work with bug bounty programs and coordinate responsible disclosure activities
- Research emerging attack techniques, vulnerabilities, and adversary tactics to improve the organization's security posture
- Partner with infrastructure and product teams to translate findings into practical remediation plans
What we want to see:
- 4+ years of hands-on experience in Offensive Security, Penetration Testing, or Red Team roles
- Practical experience performing penetration tests against web applications, APIs, cloud environments, or internal infrastructure
- Strong understanding of common attack techniques, attack chains, and adversary behavior
- Experience with Kubernetes and container security assessments
- Knowledge of cloud security concepts and IAM models in AWS and/or GCP
- Understanding of network security, authentication, and access control mechanisms
- Experience with Linux systems and security hardening principles
- Familiarity with CI/CD security and Infrastructure as Code technologies (Terraform, Helm, etc.)
- Scripting and automation skills (Python, Bash, Go, or similar)
- Understanding of common security frameworks and methodologies such as OWASP, MITRE ATT&CK, PTES, or ASVS
- Native Russian language
- Willingness to work from one of our offices in Almaty, Tbilisi, Yerevan or Limassol
Growth and development
Our project is actively growing, as well as the team that creates it. We invest in the growth of each specialist and regularly review salaries based on performance. Moreover, we have a promotion system that allows specialists to showcase their talents in more responsible positions.
Comfortable conditions
You can choose various work types: hybrid or office. Also we have flexible hours with the option of taking days off.
Care for employees
We offer sick days without salary loss, assistance in difficult life situations, no bureaucratic nightmares and processes for the sake of processes.
