Security Engineer

Workato transforms technology complexity into business opportunity. As the leader in enterprise orchestration, Workato helps businesses globally streamline operations by connecting data, processes, applications, and experiences. Its AI-powered platform enables teams to navigate complex workflows in real-time, driving efficiency and agility.Descubra exactamente qué habilidades, experiencia y cualificaciones necesitará para tener éxito en este puesto antes de enviar su solicitud a continuación.Trusted by a community of 400,000 global customers, Workato empowers organizations of every size to unlock new value and lead in today’s fast-changing world. Learn how Workato helps businesses of all sizes achieve more at .We believe in a flexible, trust-oriented culture that empowers everyone to take full ownership of their roles. We are driven by innovation and looking for team players who want to actively build our company. We also balance productivity with self-care and offer a vibrant and dynamic work environment along with a multitude of benefits.If this sounds right up your alley, please submit an application. We look forward to getting to know youForbes’ Cloud 100 recognized us as one of the top 100 private cloud companies in the world. Deloitte Tech Fast 500 ranked us as the 17th fastest growing tech company in the Bay Area, and 96th in North America. Quartz ranked us the #1 best company for remote workers.ResponsibilitiesJoin our Product Security team in Barcelona as a Senior Security Engineer - Red Team and help secure the future of AI automation through offensive security operations. You'll simulate real-world adversarial attacks against our cloud architecture, AI model endpoints, and complex multi-tenant SaaS platform while strengthening our defenses during our Agentic AI Transformation.You will identify security weaknesses, validate defensive capabilities, and improve our security posture through adversarial testing. Your findings will influence product security architecture and drive security improvements across customer deployments. Key responsibilities include:Adversarial Exercises and Penetration Testing: Conduct red team exercises and penetration tests to simulate real-world attacks and validate defensive controlsExploitation and Vulnerability Research: Perform vulnerability research and exploitation to validate attack pathsThreat Modeling and Attack Simulation: Collaborate on threat modeling to anticipate attacker techniques and strengthen defensive strategiesSecOps and Bug Bounty Collaboration: Partner with Security Operations and Bug Bounty teams to enhance detection, response, and resilienceExternal Testing Coordination: Coordinate external red team and penetration testing engagements and third-party security assessmentsSecurity Automation and Tooling: Develop automated tools and frameworks to scale offensive security operations across systems and applicationsThis role offers the opportunity to conduct offensive security research against mission-critical systems deployed globally while working with AI and cloud technologies. If you're passionate about thinking like an attacker to build stronger defenses, this role could be perfect for you.RequirementsQualifications / Experience / Technical SkillsBachelor's degree in Computer Science, Cybersecurity, xsgfvud or related technical field5+ years in cybersecurity with focus on offensive security, penetration testing, or red team operationsAdvanced penetration testing certifications (OSCP, OSCE, GPEN, GXPN, or equivalent)Deep expertise in cloud security testing, particularly AWS environmentsProficiency in exploitation frameworks and tools (Burp, Cobalt Strike, custom tooling)Scripting and automation skills (Python, Go, Bash, or similar)Hands-on experience with vulnerability research and exploit developmentKnowledge of threat modeling methodologies and attack path analysisPreferred Qualifications:AI/ML security testing experienceExperience with social engineering and phishing campaignsAdvanced security certifications (GCFA, GCIH, GIAC, CRTO, CRTE)Experience with threat intelligence and adversary emulation frameworks (MITRE ATT&CK)Active participation in security research community and CVE discoveriesKnowledge of compliance frameworks and vendor relationship management(REQ ID: 2219)#J-18808-Ljbffr