Security Engineer - Red Team at Workato

We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Security Engineer - Red Team at Workato. . Location: Sofia, Bulgaria. About Workato. . Workato transforms technology complexity into business opportunity. As the leader in enterprise orchestration, Workato helps businesses globally streamline operations by connecting data, processes, applications, and experiences. Its AI-powered platform enables teams to navigate complex workflows in real-time, driving efficiency and agility.. . Trusted by a community of 400,000 global customers, Workato empowers organizations of every size to unlock new value and lead in today’s fast-changing world. Learn how Workato helps businesses of all sizes achieve more at . workato.com. .. . Why join us?. . Ultimately, Workato believes in fostering a . flexible, trust-oriented culture that empowers everyone to take full ownership of their roles. . We are driven by . innovation . and looking for. team players . who want to actively build our company. . . But, we also believe in . balancing productivity with self-care. . That’s why we offer all of our employees a vibrant and dynamic work environment . along with a multitude of benefits. they can enjoy inside and outside of their work lives. . . If this sounds right up your alley, please submit an application. We look forward to getting to know you!. . Also, feel free to check out why:. . . . Business Insider. named us an “enterprise startup to bet your career on”. . . . Forbes’ Cloud 100. recognized us as one of the top 100 private cloud companies in the world. . . . Deloitte Tech Fast 500. ranked us as the 17th fastest growing tech company in the Bay Area, and 96th in North America. . . . Quartz. ranked us the #1 best company for remote workers. . . Responsibilities. . Join our Product Security team as a . Security Engineer - Red Team.  and help secure the future of AI automation through offensive security operations.. This is a remote position in either Spain or Portugal. . You'll simulate real-world adversarial attacks against our cloud architecture, AI model endpoints, and complex multi-tenant SaaS platform while playing a key role in strengthening our defenses during our Agentic AI Transformation.. . You will play a pivotal role in identifying security weaknesses, validating defensive capabilities, and improving our security posture through adversarial testing. Your findings will directly influence product security architecture and drive security improvements across a diverse set of customer deployments. Key responsibilities include:. . . Adversarial Exercises and Penetration Testing:. Conduct red team exercises and penetration tests to simulate real-world attacks and validate defensive controls. . Exploitation and Vulnerability Research:. Perform vulnerability research and exploitation to validate attack paths and contribute to the security community. . Threat Modeling and Attack Simulation:. Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategies. . SecOps and Bug Bounty Collaboration:. Partner with Security Operations and Bug Bounty teams to enhance detection, response, and organizational resilience. . External Testing Coordination:. Coordinate external red team and penetration testing engagements and third-party security assessments. . Security Automation and Tooling:. Develop automated tools and frameworks to scale offensive security operations across systems and applications. . This role offers the opportunity to conduct offensive security research against mission-critical systems deployed globally while working with AI and cloud technologies. If you're passionate about thinking like an attacker to build stronger defenses, this role could be perfect for you.. . . Requirements. . Qualifications / Experience / Technical Skills. . . Bachelor's degree in Computer Science, Cybersecurity, or related technical field. . 5+ years in cybersecurity with a focus on offensive security, penetration testing, or red team operations. . Advanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent). . Deep expertise in cloud security testing, particularly AWS environments. . Proficiency in exploitation frameworks and tools (Nuclei, Metasploit, Burp, Cobalt Strike, custom tooling). . Scripting and automation skills (Python, Go, Bash, or similar). . Hands-on experience with vulnerability research and exploit development. . Knowledge of threat modeling methodologies and attack path analysis. . . Preferred Qualifications:. . . AI/ML security testing experience. . Experience with social engineering and phishing campaigns. . Advanced security certifications (GCFA, GCIH, GIAC, CRTO, CRTE). . Experience with threat intelligence and adversary emulation frameworks (MITRE ATT&CK). . Active participation in the security research community and CVE discoveries. . Knowledge of compliance frameworks and vendor relationship management. . . (REQ ID: 2219). This is one role we are advertising in multiple different countries