Senior Cybersecurity Purple Teamer – Offensive Security Expert

Unleash the Power of Offensive Security — Become a Senior Cybersecurity Purple Teamer! Krakow-based opportunity with hybrid work model (up to 3 remote days per week). As a Senior Cybersecurity Purple Teamer, you will be working for our client, a leading financial institution committed to pioneering proactive cybersecurity strategies. In this exciting role within the Cybersecurity Research and Offensive Security (CROS) team, you’ll help design and execute advanced purple team assessments, simulating real-world attacks to identify vulnerabilities, improve controls, and strengthen the bank's security posture. Join us and propel your career into the frontline of industry-leading cybersecurity innovation. Your main responsibilities: Lead Purple Team assessments focusing on our client's services, ensuring controls are effective and do not expose the bank to excessive risk. Collaborate with key stakeholders to scope engagements, define objectives, and deliver action plans that balance operational risk with learning opportunities. Research and apply current attack techniques, developing Tactics, Techniques, and Procedures (TTPs) using input from Red Team, Threat Intelligence, and Security Research. Drive continuous purple teaming exercises, large-scale collaborative testing, and replay attack paths from attack simulations or regulatory penetration tests. Identify vulnerabilities, exploit development, and simulate attack scenarios to test defenses. Advise on improving security controls, reducing risks, and supporting the development of innovative cybersecurity solutions. Build and maintain strong relationships with stakeholders, ensuring clear communication and alignment. You're ideal for this role if you have: Minimum 7 years of experience in cybersecurity, focusing on penetration testing, red team, or purple team assessments. Proven track record in vulnerability exploitation and attack simulation. Expertise with exploit development and attack tooling. Deep understanding of current threat landscapes, tactics, techniques, and procedures of threat actors. Strong leadership and team-building skills, with experience managing or mentoring security teams. Ability to develop and execute complex purple team exercises effectively. Excellent stakeholder engagement and communication skills. It is a strong plus if you have: Certifications such as OSCP, CISSP, GPEN, or equivalent. Knowledge of malware packing, obfuscation, persistence, and exfiltration techniques. Experience with security controls bypass techniques. Automation and scripting skills for tooling and prototyping. Language Required for the role: Fluent English (written and spoken). Eligibility for the role: Only candidates with an existing legal right to work in the European Union will be considered for this role.