Cybersecurity Engineer 2

Allegro is a technology company operating a large-scale, cloud and on-premises environment with over 1000 microservices, an open-source data bus (Hermes) handling 300K+ requests per second, a Service Mesh with 1M+ requests per second, tens of petabytes of data, and production-used machine learning. The team focuses on security engineering challenges including securing distributed systems and production-used AI models.

• Hands-on experience with EDR/XDR and offensive security tooling.
• Ability to design and execute "Assume Breach" attack scenarios.
• Experience managing Red Team operational environments including C2 frameworks and redirectors.
• Skilled in developing custom payloads, loaders, and exploitation scripts.
• Proficient in executing MITRE ATT&CK framework operations in cloud and on-prem environments.
• Expertise in manual network and web application exploitation.
• Experience conducting sociotechnical and phishing assessments.
• High independence and self-driven approach with end-to-end ownership of offensive engagements.
• Knowledge of AI-assisted techniques for reconnaissance and offensive tactics.
• English language proficiency at least B2 level.
• Polish language proficiency at C1 level.

• Design and execute realistic, hands-on attack simulations focusing on "Assume Breach" scenarios.
• Develop custom offensive tooling to bypass modern EDR/XDR.
• Operate dedicated Red Team infrastructure aligned with the MITRE ATT&CK framework.
• Introduce AI-assisted techniques to maximize reconnaissance efficiency.
• Take full ownership of offensive engagements from scoping to final reporting and remediation guidance.
• Manage Red Team operational environments including Command & Control (C2) frameworks and supporting infrastructure.
• Develop custom payloads, loaders, and exploitation scripts with minimal reliance on public tools.
• Execute operations across the MITRE ATT&CK framework in cloud and on-prem environments.
• Conduct manual network/web application exploitation and end-to-end sociotechnical/phishing assessments.
• Engage in substantive discussions on software engineering and security best practices.
• Participate in team retrospectives and cross-team collaborations to develop soft skills and embrace a growth mindset.
• Adopt and secure AI technologies, incorporating AI coding and security assistants into daily work.
• Seek effective, business-enabling security solutions within the ecosystem.
• Continuously develop and update knowledge in a rapidly shifting threat landscape.

Only candidates with English language proficiency at least B2 level and Polish at C1 level are considered.