Job details

Senior Red Teamer Operator

Established in 2017, Storyblok has rapidly ascended to the forefront of the global headless CMS landscape. Our vision is to “pioneer the future of content management, removing barriers between developer and marketing teams by offering an intuitive, scalable, and intelligent platform to deliver digital experiences from idea to success”.

Our team is made up of smart, passionate individuals who excel in their work. People who are comfortable taking on big ideas and figuring out the details along the way. With a dynamic team of over 220+ passionate individuals spanning 45+ countries, we're not just breaking boundaries; we're redefining them!

Our recent $80m Series C funding round, secured in June 2024, marked a crucial milestone for us. It has fueled our remarkable growth in the US market and accelerated our ongoing expansion and advancements across EMEA.

We're proud recipients of numerous awards, including recognition in G2's 2024 Best Software Awards. As a remote-first company, we have been officially recognized as one of the top 100 most flexible places to work, ranking #3 in the scale-up category as per Flexa Careers.

WHAT IS IN IT FOR YOU

You will be joining a growing company where you can contribute to many “firsts”. Plus these benefits:

Monthly remote work stipend (home internet costs, electricity). Home office equipment package right at the start (laptop, keyboard, monitor…)
Home office equipment upgrade (furniture, ear plugs …) or membership to a local co-working space after your onboarding
Sick leave benefit, parental leave and 25 days of annual leave plus your local national holidays
Personal development fund for courses, books, conferences, and material
VSOP (Virtual Stock Option Plan)
The annual international team-building trip, quarterly and monthly online get-togethers
As a fully remote company, with work-life balance at its core, you’ll enjoy flexible schedules
An international team that loves to have fun at work and works hard together to accomplish shared goals

JOB SUMMARY

This role focuses on various security-related tasks around our day to day product operation such as the execution of threat-led penetration testing, handling of external security findings, execution of red / purple team exercises and penetration testing of external and internal infrastructures, architecture and configuration review, source code review, attack simulation exercises, and cloud infrastructure assessments. The results of these findings should be communicated to the appropriate stakeholders.

Your main responsibilities would be:

Monitoring for incoming vulnerability reports, testing for viability, categorisation of the findings and making sure they are fixed or properly mitigated.
Execution of threat-led penetration testing and red / purple team exercises by utilizing well-known and established frameworks such as MITRE ATT&CK and TIBER-EU.
Set-up and maintain automated testing systems to continuously monitor Storyblok's security posture
Assist with performing social engineering assessments (email phishing, vishing, physical access attacks) to simulate the theft of passwords, infiltrate systems, and download malware / ransomware to assess the security awareness.
Perform penetration tests on Storyblok assets, such as external and internal infrastructures and web applications to identify security weaknesses and misconfigurations.
Perform security configuration assessments for cloud, network, servers and endpoints.
Prepare reports and present on vulnerabilities and exploitation techniques.
Coaching and developing team members through sharing of experience and knowledge.
Keep up to date with the latest penetration testing techniques and the current threat landscape.
Maintain knowledge about current security standards, systems, and authentication protocols.
Provide awareness about potential threats and cyber security best practices.

EDUCATION AND EXPERIENCE

Experience with large scale applications on Amazon AWS
Experience with Linux, networking protocols, general utilities, and shell scripts
Fluency in scripting languages like Bash, Ruby, or Python
Experience with Cloud-native solutions
Excellent knowledge of offensive security frameworks
Experience with industry recognized security testing standards, penetration testing methodology and attack simulation tools.
Working experience preferred related to the execution of red / purple team exercises and / or penetration testing of web and mobile applications, internal and external infrastructure, execution of social engineering assessments.
Be able to conduct research and development and solve technical problems independently.
Be a team player with good communication and interpersonal skills.
Excellent communication skills

MENTAL, PHYSICAL AND ENVIRONMENTAL REQUIREMENTS

Remote (home) work opportunity or funded by Storyblok co-working space

GENERAL TERMS

Storyblok has a commitment to diversity and inclusion. We strive to create a hiring environment in which all people feel they are equally respected and valued, irrespective of gender identity or expression, sexual orientation, ethnicity, age, religion, citizenship or any other characteristic. You can find more information about our privacy policy here.

All communications regarding job opportunities at Storyblok will come from an official Storyblok employee with an email address ending in @storyblok.com. We will never redirect you to another portal or another site that is unrelated to our domain (storyblok.com).

Here is a sneak peek of Storyblok’s Visual Editor

If you need an accommodation for any part of the application process, please email talent.acquisition@storyblok.com

Storyblok Glassdoor Company Review

4.2

Storyblok DE&I Review

No rating

CEO of Storyblok

Dominik Angerer

Approve of CEO

Average salary estimate

$125000 / YEARLY (est.)

min

max

$100000K

$150000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Senior Red Teamer Operator, Storyblok

Are you ready to take your career in cybersecurity to the next level? Join Storyblok as a Senior Red Teamer Operator, where you can make a real impact in our rapidly growing team. Since our establishment in 2017, Storyblok has become a pioneer in the headless CMS landscape, and we're on a mission to transform the digital experience. Working remotely, you'll be part of a passionate team dedicated to executing high-stakes penetration testing and elevating our security posture. Dive into diverse tasks like managing vulnerability reports, executing threat-led penetration tests, and engaging in red/purple team exercises utilizing frameworks like MITRE ATT&CK. We value your expertise, so you’ll collaborate closely with stakeholders, share your knowledge with team members, and help elevate our security practices. Here at Storyblok, we believe in fostering personal development, and that's why we offer a variety of perks such as a monthly remote work stipend, an extensive personal development fund, and annual international team-building trips. With flexibility at the core of our remote-first culture, you have the freedom to craft a schedule that best suits you while being part of an international team aiming for success. If you're a team player with a wealth of knowledge in offensive security and a flair for communication, take your shot with us and be a part of something great!

Frequently Asked Questions (FAQs) for Senior Red Teamer Operator Role at Storyblok

What does a Senior Red Teamer Operator do at Storyblok?

As a Senior Red Teamer Operator at Storyblok, you will engage in various security-related duties such as conducting penetration testing on our infrastructures and applications, simulating attacks using social engineering tactics, and actively communicating findings to improve our security posture. Your role is vital in ensuring the safety of our systems and enhancing our overall security practice.