This job post is closed and the position is probably filled. Please do not apply. Work for Sentrabyte Digital Solusi and want to re-open this job? Use the edit link in the email when you posted the job!
About the Company
Sentrabyte Digital Solusi is a remote-first cybersecurity company with over five years of operational experience. We specialize in advanced security assessments, real-world risk validation, and high-impact penetration testing for global clients. Our work culture is focused, fully distributed, results-driven, and free from unnecessary bureaucracy. We value clarity, professionalism, and strong technical execution.
Role Overview
We are seeking a Cyber Security Specialist (Red Team / Offensive Security) with proven expertise in real-world exploitation and structured penetration testing. This position is well-suited for professionals who prefer autonomy, enjoy technical depth, and take pride in delivering accurate, high-impact security outcomes.
You will conduct authorized penetration tests, validate vulnerabilities, and contribute to our internal testing frameworks. Clear expectations, consistent workflow, and measurable results are key components of this role.
Key Responsibilities
Perform advanced penetration testing across applications, networks, and infrastructure.
Validate vulnerabilities and assess real-world impact under authorized conditions.
Analyze access paths and verify the feasibility and security of system access.
Produce high-quality technical documentation with reproducible steps and evidence.
Work closely with internal reviewers to maintain accuracy and technical integrity.
Maintain consistent weekly output aligned with established quality standards.
Stay current with modern offensive security tools, attack techniques, and methodologies.
Requirements
Proven real-world offensive security experience in authorized environments (client engagements, internal Red Team, or enterprise pentests โ not limited to labs or CTFs).
Demonstrated ability to achieve OS-level access (Linux/Windows) through real exploitation paths such as RCE, command injection, insecure deserialization, file upload abuse, or chained vulnerabilities.
Strong understanding of post-exploitation activities, including:
Enumeration after initial access
Privilege escalation (Linux/Windows)
Credential access and token abuse
Lateral movement or internal pivoting (where scope allows)
Solid knowledge of web, API, and network attack surfaces, with the ability to chain application-layer issues into system-level compromise.
Hands-on experience using offensive tooling in real engagements (e.g. Burp Suite, Nmap, ffuf, Metasploit, linPEAS/winPEAS, custom scripts).
Ability to work independently in a results-driven environment, managing exploitation workflows end-to-end.
Strong written communication skills in English, with the ability to produce clear, reproducible exploitation evidence (commands, payloads, screenshots, logs).
Nice to Have
Experience in authorized penetration tests, Red Team engagements, or validated bug bounty reports.
Ability to design repeatable and stable testing workflows.
Hands-on experience with Linux and Windows systems.
Relevant certifications (OSCP, OSEP, etc.) are considered an advantage but not mandatory.
Why Work With Us
Fully remote role with flexible working hours.
Engineering-focused environment with no corporate politics.
Opportunity to work on real-world security projects beyond theoretical labs.
Performance-based bonus opportunities.
Supportive, collaborative, and technically mature team.
Compensation level is determined by proven exploitation capability, testing consistency, and technical depth.
Salary Range
Junior / Intermediate: USD 18k โ 30k
Mid-Level: USD 30k โ 45k
Senior / Advanced Red Team: USD 45k โ 80k+
Mandatory Requirement (Non-Negotiable)
Documented, real-world experience obtaining stable OS-level shells (Linux and/or Windows) on production or authorized environments.
Candidates must be able to clearly explain at least one end-to-end exploitation flow, including:
Initial access vector
How shell access was achieved
Execution context (user / privileges)
What actions were performed immediately after gaining the shell
Candidates without hands-on get-shell and post-exploitation experience will not be considered for this role, regardless of application security or reporting background.
Applicants may be asked to verbally walk through a real exploitation scenario during the interview.
This role is not suitable for candidates focused primarily on application security, secure code review, or vulnerability reporting without hands-on OS-level exploitation experience.
Please mention the word EVENLY when applying to show you read the job post completely (#RMjE2LjczLjIxNy4yMA==). This is a feature to avoid fake spam applicants. Companies can search these words to find applicants that read this and instantly see they're human.
Salary and compensation
$10,000 — $80,000/year
Benefits
๐ Distributed team
โฐ Async
๐ Paid time off
๐ฐ Profit sharing
๐ No monitoring system
๐ซ No politics at work
How do you apply?
This job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.