Offensive Security Researcher | Red Team | Cloud & SaaS Exploitation in York

Join a cutting-edge Offensive Security team focused on uncovering high-impact vulnerabilities across modern attack surfaces. We’re looking for an experienced Offensive Security Researcher / Red Team Operator who thrives in complex, real-world environments and enjoys discovering novel attack paths beyond known CVEs.

This is a highly technical opportunity for someone passionate about vulnerability research, cloud exploitation, adversary simulation, exploit development, offensive automation, and advanced tradecraft across cloud-native and internet-facing environments.

About the Role

As an Offensive Security Researcher, you’ll identify and weaponise real-world attack paths across Cloud, SaaS, CI/CD pipelines, modern web applications, identity systems, and internet-exposed infrastructure. You’ll collaborate with elite offensive practitioners to conduct deep technical research, develop new offensive methodologies, and scale successful attack techniques through automation and tooling.

This role is ideal for senior-level offensive security professionals who enjoy autonomy, creative problem solving, vulnerability discovery, exploit research, red teaming, and advanced offensive engineering.

Key Responsibilities

• Hunt for high-value vulnerabilities across cloud platforms, SaaS environments, internet-facing infrastructure, APIs, identity systems, and modern applications.
• Discover and exploit complex attack chains beyond publicly known CVEs and commodity techniques.
• Conduct advanced offensive security research into emerging attack vectors, adversary tradecraft, and exploitation methodologies.
• Perform red team operations and adversary emulation against modern enterprise environments.
• Develop offensive tooling, PoCs, exploit automation, and research frameworks using Python, Go, or similar languages.
• Automate vulnerability discovery, exploit validation, reconnaissance, and offensive workflows at scale.
• Collaborate with Offensive Engineering teams to operationalise successful techniques and improve offensive capability.
• Research cloud-native attack paths across AWS, Azure, GCP, SaaS ecosystems, CI/CD pipelines, and identity providers.
• Contribute to blogs, whitepapers, technical research, or conference talks (optional but encouraged).

Required Skills & Experience

• Proven hands-on experience in Offensive Security, Red Teaming, Vulnerability Research, or Adversary Simulation.
• Strong understanding of modern attack surfaces including cloud infrastructure, SaaS platforms, APIs, identity systems, and web applications.
• Demonstrated ability to discover high-impact vulnerabilities and complex attack paths beyond known CVEs.
• Experience exploiting cloud identities, IAM misconfigurations, CI/CD pipelines, SSO environments, or internet-exposed services.
• Strong knowledge of adversary tradecraft, post-exploitation, lateral movement, privilege escalation, and modern offensive methodologies.
• Scripting or development capability in Python, Go, or similar languages for automation, tooling, exploit development, or offensive research.
• Ability to operate autonomously in highly technical offensive environments.
• Deep technical curiosity with a research-driven attacker mindset.

Desirable / Bonus Experience

• Exploit development experience.
• Cloud exploitation and cloud-native offensive security research.
• Public vulnerability disclosures, bug bounty achievements, or original security research.
• Experience building offensive security tooling or frameworks.
• Conference presentations, technical blogs, or published research.
• Knowledge of detection evasion, offensive automation, or large-scale attack surface analysis.