Offensive Security Engineer

About Us

Security Impossible is a Melbourne-based cybersecurity company. We build hands-on cyber training environments used by educational institutions and professional teams.

The Role

We are hiring an Offensive Security Engineer to join our team. This is a hands-on offensive role — you will spend your days researching, exploiting, and engineering vulnerable environments. You will design real attack scenarios from the ground up: studying vulnerabilities, building target systems, executing exploits end-to-end, and producing the artefacts that come out of that work.

If you enjoy the technical side of red team work — figuring out how things break, building proof-of-concept exploits, breaking into Active Directory environments, exploiting web applications — this role lets you do that across a wide range of domains, full-time.

What You Will Be Doing

• Researching vulnerabilities and attack techniques across web applications, Active Directory, network infrastructure, and emerging domains
• Building vulnerable target environments using Docker, virtual machines, and lab orchestration
• Designing and executing end-to-end attack scenarios — from initial access through privilege escalation, lateral movement, and impact
• Documenting your work in clear technical writing — methodology, exploitation steps, and remediation
• Validating that everything you build works reliably and consistently
• Occasionally supporting client cyber drill events and red/blue team training sessions
• Continuously learning new offensive areas as the work demands

What You Need

Practical, demonstrated skill matters more to us than certifications. You should have hands-on experience with most of the following:

• Web application exploitation — Burp Suite, OWASP ZAP, OWASP Top 10. You can identify and exploit SQL injection, XSS, IDOR, file upload vulnerabilities, SSRF, and similar without a walkthrough.
• Active Directory attacks — BloodHound, Rubeus, Mimikatz, Impacket. You understand Kerberos attacks (Kerberoasting, AS-REP Roasting), Pass-the-Hash, and lateral movement.
• Privilege escalation on both Windows and Linux — you know what WinPEAS and LinPEAS produce and you can interpret their output. You have exploited unquoted service paths, SUID misconfigurations, sudo issues, and weak file permissions.
• Network reconnaissance and exploitation — Nmap, Netcat, basic Metasploit. You can enumerate a network and identify entry points.
• Linux and Windows command-line proficiency
• Docker — building images, writing Dockerfiles, multi-container setups with Docker Compose
• Scripting — at least one of Python, PowerShell, or Bash

You should also be:

• Genuinely curious about offensive security — you read security research, watch conference talks, try new techniques
• Able to communicate technical work clearly in writing
• Willing to learn unfamiliar topics quickly — we will sometimes ask you to work in areas you have not explored before
• Methodical — when you build something, every step needs to actually work
• Self-managing — this is a remote role and we expect you to organise your own work

Certifications

We do not require any specific certification. Practical demonstrated skill matters more to us. That said, certifications that signal genuine offensive capability and would strengthen an application include PNPT, CRTP, eJPT, eCPPT, CompTIA PenTest+, and similar offensive-focused credentials.

Note: Certifications are signals, not proof. Someone with no certifications who can demonstrate solid skill will be preferred over someone who lists certifications but cannot apply them. We will assess what you actually know.

Nice to Have

• Background in technical writing, training delivery, or curriculum design
• Familiarity with the MITRE ATT&CK framework
• Cloud security exposure (AWS or Azure misconfiguration testing)
• Experience with malware analysis tools (Volatility, FLOSS, PEStudio)
• Bug bounty experience or public security research

What We Offer

• Fully remote work — output matters, location does not
• Genuine variety — every few weeks you will be working on something different
• Real growth — we work across the breadth of cybersecurity and you will learn rapidly
• Direct impact — your work is used by real practitioners
• Small team, low bureaucracy — minimal process, maximum doing