Security Engineer | Offensive Security

GET TO KNOW US

We simplify wellness so you can find everything in one place. Gympass is a corporate wellness platform that connects you to thousands of fitness & wellness partners, all with one simple monthly membership. Founded in 2012 and headquartered in NYC, we have a growing global team in 11 offices around the world. At Gympass, you not only have the opportunity to build a career in a fast-paced global environment - but you'll make wellbeing universal, so everyone can be happy and healthy.

WHAT MAKES A GYMPASSER?

We are passionate about our mission! Whatever your job title is, here you can make a global impact and change people’s lives. At Gympass, we collaborate, set high achievable goal expectations, and focus on the end result.  It's a challenging, evolving environment that allows you to learn and grow. You will face a disruptive and emerging business model that will push you in several areas, with no boundaries for creation and collaboration.

THE OPPORTUNITY

We are hiring a SENIOR ENGINEER in OFFENSIVE SECURITY for our INFOSEC TEAM in PORTUGAL!

YOUR IMPACT

We are looking for a team member to help us focus on Secure Application Engineering, challenge our status quo, create missions that improve our engineers and company security and find how to improve the way we work to deliver an amazing product that our customers can trust. We are all-in the cloud and use software engineering principles to solve large scale production challenges.

Within this domain you will work with infosec offensive missions, crafting scenarios and running tests, automation, metric gathering, log scavenging and incident management.

• You have ran physical and virtual missions as a red team member to understand how products work
• You understand how cloud providers structure their offering and the often overlooked places that actors may abuse
• You understand observability and metrics
• You can write great documentation
• You helped teams get identify gaps on mobile and web applications
• You make the offensive security landscape accessible for engineers and product managers

 WHO YOU ARE

• 3+ years of professional experience in cyber security or related field.
• Strong knowledge of offensive security, focused on the Red Team.
• Knowledge in Public Cloud infrastructre (preferably AWS).
• Experience in reporting on the Red Team engagements providing an in-depth analysis of the security issues identified.
• Understanding of cybersecurity frameworks such as OWASP and  Mitre’s ATT&CK.
• Awareness of common software security flaws and web application security best practices.
• Ability to create tools and scripts for automating security tasks.
• Familiarity with the different techniques for exploitations, such as recognition, enumeration, scanning, post-scanning, lateral movement, etc...
• Experience with threat modeling.
• Knowledge in CI/CD pipelines.

The knowledge below is considered a plus:

• • Programming skills in any modern language (.NET, Java, Go, Kotlin, Python, NodeJS, Rust, etc...)
  • Familiarity with Bug Bounty programs.
  • Familiarity with CTF challenges.
  • Knowledge in Burp Suite, Tenable, Shodan, Security ScoreCard, or related tools. 

WHAT WE OFFER YOU 

We're a wellness company that is committed to the health and well-being of our employees. Our flexible program allows you to customize your benefits, according to your needs! Our benefits include:

WELLNESS: Health, dental, and life insurance.

FLEXIBLE WORK: Choose when and where you work. For most, this will be a hybrid office/remote structure but can vary depending on the needs of the role and employee preferences. We offer all employees a home office stipend and a monthly flexible work allowance to help cover the costs of working from home.

GYMPASS DISCOUNT: We believe in our mission and encourage our employees and their families to find their passion too. Access onsite gyms and fitness studios, digital fitness programs, and online wellness resources for meditation, nutrition, mental health support, and more.

PAID TIME OFF: We know how important it is that our employees take time away from work to recharge. 

BR: Vacations after 6 months and 3 days off per year + 1 day off for each year of tenure (up to 5 additional days) + extra day off for your birthday.

PAID PARENTAL LEAVE: Welcoming a new child is one of the most special moments in your life and we want our employees to take the time to be present and enjoy their growing family.

BR: 100% paid parental leave of 6 weeks to all new parents, of both biological and adopted children, regardless of gender and parent's relationship with the co-parent, Also extended maternity leave under local legislation 

CAREER GROWTH: Outstanding opportunities for personal and career growth. That means we maintain a growth mindset in everything we do and invest deeply in employee development.  

CULTURE: An exciting and supportive atmosphere with ambitious people from around the world! 

FLEXIBLE WORK: We give our employees some flexibility to adjust their working hours, letting them adjust their starting time within a range of 3 hours. 

And to get a glimpse of Life at Gympass...follow us on Instagram @gympasscareers and LinkedIn! 

Belonging @ Gympass

Gympass is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. 

Questions on how we treat your personal data? See our Job Applicant Privacy Notice.