Back to search
ChillBase Linkedin · Posted 12d ago

Senior Offensive Security Engineer

Almaty

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

ChillBase studio is an independent and innovative player in the gaming industry. We’re fueled by our passion for crafting outstanding products.


We are working on OneState — a unique Social RolePlay game — and we are looking for a Senior Offensive Security Engineer who will identify weaknesses before attackers do, put our products and infrastructure to the test, and help make our game services secure, resilient, and reliable for players.


What you will do:

Offensive Security & Penetration Testing

  • Conduct end-to-end penetration testing of web applications, APIs, internal and external infrastructure, cloud environments, and Kubernetes clusters
  • Perform vulnerability assessments and identify security weaknesses across products, infrastructure, and cloud environments
  • Simulate real-world attack scenarios, including privilege escalation, lateral movement, persistence, and attack path analysis
  • Participate in red team exercises and offensive security initiatives
  • Assess the security of cloud-native services, CI/CD pipelines, containerized environments, and infrastructure as code
  • Work with bug bounty programs and coordinate responsible disclosure activities
  • Research emerging attack techniques, vulnerabilities, and adversary tactics to improve the organization’s security posture
  • Partner with infrastructure and product teams to translate findings into practical remediation plans


What we want to see:

  • 4+ years of hands-on experience in Offensive Security, Penetration Testing, or Red Team roles
  • Practical experience performing penetration tests against web applications, APIs, cloud environments, or internal infrastructure
  • Strong understanding of common attack techniques, attack chains, and adversary behavior
  • Experience with Kubernetes and container security assessments
  • Knowledge of cloud security concepts and IAM models in AWS and/or GCP
  • Understanding of network security, authentication, and access control mechanisms
  • Experience with Linux systems and security hardening principles
  • Familiarity with CI/CD security and Infrastructure as Code technologies (Terraform, Helm, etc.)
  • Scripting and automation skills (Python, Bash, Go, or similar)
  • Understanding of common security frameworks and methodologies such as OWASP, MITRE ATT& CK, PTES, or ASVS
  • Native Russian language
  • Willingness to work from one of our offices in Almaty, Tbilisi, Yerevan or Limassol


BENEFITS

  • Relocation support to Almaty, Kazakhstan
  • Private Health Insurance
  • Compensation for sports activities
  • Days off and sick days in addition to official vacations and sick leave
Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent