Senior Attack Engineer, AWS SME

New

Horizon3 AICybersecurity

US, RemoteFull-TimeSenior

Salary181000 - 242000 USD per year

Apply NowOpens the employer's application page

Job Details

Experience: 7+ years
Required Skills: AWSPythonDynamoDBGitC#C++GoCI/CDTerraformAWS LambdaCloudFormation

7+ years in offensive security with deep AWS specialization.
Strong expertise in AWS security architecture and attacker tradecraft (IAM, role chaining, federation abuse, privilege escalation).
Expertise in resource and data access abuse (S3, RDS, DynamoDB, EBS snapshots, Secrets Manager, Parameter Store).
Expertise in compute/container attack patterns (EC2, ECS, EKS, Lambda).
Expertise in network/external perimeter and control-plane abuse (VPC misconfigs, SG/NACL issues, API exposure).
Expertise in multi-account org/landing zone compromise scenarios.
Ability to chain AWS attack paths end-to-end and explain exploitability and impact clearly.
Familiarity with tooling such as Pacu, ScoutSuite, Prowler, CloudSploit, awscli-based tradecraft, or custom cloud offensive tooling.
Strong Python development skills.
Ability to read and modify offensive tooling in Go, C++, C#, or other systems languages.
Strong understanding of cloud platform concepts, APIs, and automation pipelines.
Comfortable with Git and PR workflows.
Working knowledge of CI/CD and infrastructure-as-code patterns, including CloudFormation, Terraform, and CDK.
Proven experience delivering AWS offensive work where customer outcomes matter.

Lead our AWS offensive strategy and execution.
Be the internal authority on attacking, validating, and explaining real-world AWS attack paths using NodeZero in customer environments.
Help shape the most impactful AWS attack content.
Partner closely with Attack Engineering and Product to ensure NodeZero stays aligned with modern cloud attacker tradecraft.
Research, develop, and validate AWS offensive capabilities for NodeZero.
Research and weaponize AWS misconfigurations, vulnerabilities, and emerging attacker techniques.
Own AWS offensive methodology and playbooks: discovery → exploitation → privilege escalation / lateral movement → verification → customer narrative.
Serve as the AWS security subject matter expert for customer technical briefings, internal enablement, and select external content.
Mentor Cloud Attack teammates and raise the bar for cloud offensive rigor, delivery quality, and customer-facing clarity.

View Full Description & ApplyYou'll be redirected to the employer's site