Senior Security Engineer | Offensive Security
Lisbon, Portugal
há 6 dias


We simplify wellness so you can find everything in one place. Gympass is a corporate wellness platform that connects you to thousands of fitness & wellness partners, all with one simple monthly membership.

Founded in 2012 and headquartered in NYC, we have a growing global team in 11 offices around the world. At Gympass, you not only have the opportunity to build a career in a fast-paced global environment - but you'll make wellbeing universal, so everyone can be happy and healthy.


We are passionate about our mission! Whatever your job title is, here you can make a global impact and change people’s lives.

At Gympass, we collaborate, set high achievable goal expectations, and focus on the end result. It's a challenging, evolving environment that allows you to learn and grow.

You will face a disruptive and emerging business model that will push you in several areas, with no boundaries for creation and collaboration.




We are looking for a team member to help us focus on Secure Application Engineering, challenge our status quo, create missions that improve our engineers and company security and find how to improve the way we work to deliver an amazing product that our customers can trust.

We are all-in the cloud and use software engineering principles to solve large scale production challenges.

Within this domain you will work with infosec offensive missions, crafting scenarios and running tests, automation, metric gathering, log scavenging and incident management.

  • You have ran physical and virtual missions as a red team member to understand how products work
  • You understand how cloud providers structure their offering and the often overlooked places that actors may abuse
  • You understand observability and metrics
  • You can write great documentation
  • You helped teams get identify gaps on mobile and web applications
  • You make the offensive security landscape accessible for engineers and product managers

  • 3+ years of professional experience in cyber security or related field.
  • Strong knowledge of offensive security, focused on the Red Team.
  • Knowledge in Public Cloud infrastructre (preferably AWS).
  • Experience in reporting on the Red Team engagements providing an in-depth analysis of the security issues identified.
  • Understanding of cybersecurity frameworks such as OWASP and Mitre’s ATT&CK.
  • Awareness of common software security flaws and web application security best practices.
  • Ability to create tools and scripts for automating security tasks.
  • Familiarity with the different techniques for exploitations, such as recognition, enumeration, scanning, post-scanning, lateral movement, etc...
  • Experience with threat modeling.
  • Knowledge in CI / CD pipelines.
  • The knowledge below is considered a plus :

  • Programming skills in any modern language (.NET, Java, Go, Kotlin, Python, NodeJS, Rust, etc...)
  • Familiarity with Bug Bounty programs.
  • Familiarity with CTF challenges.
  • Knowledge in Burp Suite, Tenable, Shodan, Security ScoreCard, or related tools.

    We're a wellness company that is committed to the health and well-being of our employees. Our benefits include :

    Gympass discount : We believe in our mission and encourage our employees and their families to find their passion too. Access onsite gyms and fitness studios, digital fitness programs, and online wellness resources for meditation, nutrition, mental health support, and more.

    Flexible work : Choose when and where you work. For most, this will be a hybrid office / remote structure, but can vary depending on the needs of the role and employee preferences.

    We offer all employees a home office stipend and a monthly flexible work allowance to cover the costs of working from home.

    Paid time off : We know how important it is to take time away from work to recharge. Employees receive a minimum of 25 days paid holiday per year with an additional day for each year of tenure (up to 5) in addition to annual holidays (including an extra holiday on your birthday!).

    For Germany : change sentence to 30 days)

    Parental leave : 100% paid parental leave of 12 weeks to all new parents (of both biological and adopted children, regardless of gender and parent's relationship with the co-parent) + 100% paid birth leave of 14 weeks.

    Career growth : Outstanding opportunities for personal and career growth. That means we maintain a growth mindset in everything we do and invest deeply in employee development.

    Culture : An exciting and supportive atmosphere with ambitious people from around the world!

    Reportar esta oferta de trabalho

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Meu email
    Ao clicar em "Continuar", autorizo a neuvoo a processar os meus dados e a enviar-me alertas de e-mail, conforme detalhado na Política de Privacidade da neuvoo . Posso retirar o meu consentimento ou cancelar a subscrição a qualquer momento.
    Formulário de candidatura