Cybersecurity Engineer - Red Team Operation

Grupa Allegro Sp. z o. o. operates a large-scale, high-availability cloud and on-premises environment handling thousands of requests per minute. The team focuses on advanced security engineering, including offensive and defensive security tools, automated SAST/DAST pipelines, and pioneering security for production-used AI models. The Red Team Operations (RedSec) team specializes in realistic attack simulations and operates dedicated infrastructure aligned with the MITRE ATT&CK framework.

• Hands-on experience managing Red Team operational environments, including Command & Control (C2) frameworks and supporting infrastructure.
• Ability to develop custom payloads, loaders, and exploitation scripts bypassing modern EDR/XDR.
• Skilled in executing operations across the MITRE ATT&CK framework in cloud and on-premises environments.
• Deep expertise in manual network/web application exploitation and sociotechnical/phishing assessments.
• High independence and self-driven approach with full end-to-end ownership of offensive engagements.
• English language proficiency at least B2 level and Polish at C1 level.
• Openness to developing soft skills and embracing a growth mindset.
• Excitement about adopting and securing AI technologies and incorporating AI coding and security assistants.
• Ability to look for effective, business-enabling security solutions in a complex ecosystem.
• Willingness to constantly develop and update knowledge in a rapidly shifting threat landscape.

• Take full ownership of offensive engagements from scoping, preparation, execution, to reporting and remediation guidance.
• Manage Red Team operational environments, including Command & Control (C2) frameworks, redirectors, and supporting infrastructure.
• Develop custom payloads, loaders, and exploitation scripts to bypass modern EDR/XDR with minimal reliance on public tools.
• Execute operations across the MITRE ATT&CK framework in cloud and on-premises environments, including lateral movement, persistence, and evasion.
• Conduct manual network and web application exploitation and perform end-to-end sociotechnical/phishing assessments.
• Incorporate AI-assisted techniques and automation to improve reconnaissance efficiency and innovate offensive tactics.
• Secure, test, and optimize high-availability, high-performance security systems handling thousands of requests per minute.
• Participate in threat modeling, attack simulation, and deployment of protective guardrails within an autonomous team.