Senior Cybersecurity Purple Teamer – Offensive Security Expertise

Senior Cybersecurity Purple Teamer – Offensive Security Expertise Krakow Hybrid AWS Azure Django Docker GCP Jenkins MongoDB PostgreSQL Python React Spring Boot SQL English Mid-Level, Senior Banking, Corporate Banking, Investment Banking Security Specialist Unleash the power of offensive security — be the frontline of next-generation cybersecurity innovation. Krakow-based opportunity with hybrid work model. As a Senior Cybersecurity Purple Teamer, you will be working for our client, an international leader in financial services safety and innovation. You will be a vital part of the Cybersecurity Research and Offensive Security team, focusing on proactive defense techniques that simulate real-world attacks, identify vulnerabilities, and strengthen security controls across global banking services. This role offers a unique chance to advance your career within a dynamic, cutting-edge environment, making a tangible impact on the safety of millions of customers worldwide. Your main responsibilities: Deliver Purple Teams activities focused on a wide range of HSBC’s services to ensure security controls are effective and risks are minimized. Provide expert guidance and technical insights to various stakeholders across global business units and functions. Stay ahead of current threat tactics and techniques to inform Purple Team testing approaches. Collaborate with Red, Threat Intelligence, Operations, and Security Research teams to develop and execute Tactics, Techniques, and Procedures (TTPs). Make informed decisions for continuous Purple Teaming strategies across different security domains. Develop and refine TTPs to ensure HSBC’s resilience against emerging threats. Help protect the organization and its customers through proactive security measures. You're ideal for this role if you have: At least 4 years of experience in cybersecurity, offensive security, or penetration testing. Proven expertise in vulnerability identification, exploit development, and purple teaming methodologies. Strong knowledge of TTP review and execution, including attack simulation and security control testing. Demonstrable experience in vulnerability exploitation and source code review. Familiarity with bypassing security controls like DLP, endpoint protection, and firewalls. Experience with tooling, automation, and prototyping within security environments. Excellent communication skills in English, both written and verbal. It is a strong plus if you have: (optional) Certifications such as OSCP, GPEN, GWAPT, or similar. Knowledge of malware analysis, obfuscation, and exfiltration techniques. Experience with industry participation in cybersecurity communities or conferences. Language Required for the role: Fluent English (written and spoken). Eligibility for the role: Only candidates with an existing legal right to work in the European Union will be considered for this role.