Unleash the power of offensive security — be the frontline of next-generation cybersecurity innovation.
Krakow-based opportunity with hybrid work model.
As a Senior Cybersecurity Purple Teamer, you will be working for our client, an international leader in financial services safety and innovation. You will be a vital part of the Cybersecurity Research and Offensive Security team, focusing on proactive defense techniques that simulate real-world attacks, identify vulnerabilities, and strengthen security controls across global banking services. This role offers a unique chance to advance your career within a dynamic, cutting-edge environment, making a tangible impact on the safety of millions of customers worldwide.
Your main responsibilities:
- Deliver Purple Teams activities focused on a wide range of HSBC’s services to ensure security controls are effective and risks are minimized.
- Provide expert guidance and technical insights to various stakeholders across global business units and functions.
- Stay ahead of current threat tactics and techniques to inform Purple Team testing approaches.
- Collaborate with Red, Threat Intelligence, Operations, and Security Research teams to develop and execute Tactics, Techniques, and Procedures (TTPs).
- Make informed decisions for continuous Purple Teaming strategies across different security domains.
- Develop and refine TTPs to ensure HSBC’s resilience against emerging threats.
- Help protect the organization and its customers through proactive security measures.
You're ideal for this role if you have:
- At least 4 years of experience in cybersecurity, offensive security, or penetration testing.
- Proven expertise in vulnerability identification, exploit development, and purple teaming methodologies.
- Strong knowledge of TTP review and execution, including attack simulation and security control testing.
- Demonstrable experience in vulnerability exploitation and source code review.
- Familiarity with bypassing security controls like DLP, endpoint protection, and firewalls.
- Experience with tooling, automation, and prototyping within security environments.
- Excellent communication skills in English, both written and verbal.
It is a strong plus if you have: (optional)
- Certifications such as OSCP, GPEN, GWAPT, or similar.
- Knowledge of malware analysis, obfuscation, and exfiltration techniques.
- Experience with industry participation in cybersecurity communities or conferences.
Language Required for the role:
- Fluent English (written and spoken).
Eligibility for the role:
- Only candidates with an existing legal right to work in the European Union will be considered for this role.
#MAKEYourCareerBETTER
Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.