Logo for Sporty Group

Offensive Security Engineer

Role overview

Qualifications

  • Experience in offensive security, perimeter penetration testing, network security assessments, or adversary emulation.
  • Strong understanding of external asset discovery, DNS configuration vulnerabilities, and public IP network routing.
  • Practical experience auditing and testing Linux and Windows environments and underlying network services.
  • Strong scripting ability in Python, PowerShell, Bash, or similar to automate perimeter mapping, emulation workflows, and asset discovery.

Responsibilities

  • Monitor, map, and test Sporty’s entire external attack surface, including all Sporty Group external domains, subdomains, websites, and public IP addresses.
  • Conduct adversary emulation exercises against internal and office endpoints to validate the effectiveness of EDR, XDR, and SOC monitoring platforms.
  • Evaluate the security posture of physical office hardware, corporate network equipment, and internal edge infrastructure.
  • Perform scoped offensive testing on external-facing web applications and limited, public-facing API endpoints.

About the company

Sporty Group logo

Sporty Group

Leisure & Entertainment

Sporty Group is a consumer internet and technology business with unrivaled sports media, gaming, social and fintech platforms that serve millions of daily active users across the globe via technology and operations hubs across more than 10 countries and 3 continents. The recipe for our success is to discover intelligent and energetic people, who are passionate about our products and serving our users, and attract and retain them with a dynamic and flexible work life which empowers them to create value and rewards them generously based upon their contribution. We’re fortunate enough to have already built a capable and proven team of 500+ high achievers from a diverse set of backgrounds with a common thirst for excellence and we are constantly looking for more talented individuals to power our growth and serve our users further via their grit and innovation.

Company details

Company typeScaleup
IndustryLeisure & Entertainment
Company size501 - 1000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

About the role

Mission Strengthen Sporty’s offensive security posture by proactively testing and identifying vulnerabilities across our external perimeter, standalone virtual private servers (VPS), physical office infrastructure, and endpoint defenses. The Offensive Security Engineer owns the security testing, continuous perimeter monitoring, and reconnaissance across all Sporty Group external domains, websites, public IP blocks, and DNS configurations. This role works closely with IT, Network Engineering, SOC, and Security teams to convert external discovery, adversary emulation on EDR/XDR systems, and exploitation insights into tuned perimeter controls, firewall rules, and robust defensive guardrails.

What you'll be doing

  • Monitor, map, and test Sporty’s entire external attack surface, including all Sporty Group external domains, subdomains, websites, and public IP addresses.
  • Conduct adversary emulation exercises against internal and office endpoints to validate the effectiveness of EDR, XDR, and SOC monitoring platforms.
  • Evaluate the security posture of physical office hardware, corporate network equipment, and internal edge infrastructure.
  • Perform scoped offensive testing on external-facing web applications and limited, public-facing API endpoints.
  • Translate external discovery, DNS security posture, network access control weaknesses, and EDR emulation findings into repeatable defensive checks.
  • Support our Purple Team validate that EDR policies, perimeter controls, firewall rules, and network segmentation work as expected.
  • Document multi-stage network or system exploitation chains to provide practical, reproducible remediation blueprints for infrastructure and SOC teams.
  • Support IT and Network analysts with clear vulnerability descriptions, triage steps, severity logic, and escalation guidance.
  • Improve external asset tracking, perimeter health records, and exposure trend mapping.
  • Track external vulnerability gaps, emulation success rates, remediation times, asset health, and perimeter exposure.

What you'll bring

  • Experience in offensive security, perimeter penetration testing, network security assessments, or adversary emulation.
  • Strong understanding of external asset discovery, DNS configuration vulnerabilities, and public IP network routing.
  • Practical experience auditing and testing Linux and Windows environments and underlying network services.
  • Ability to perform adversary emulation and bypass techniques against modern EDR/XDR solutions.
  • Familiarity with testing physical office network hardware, routers, switches, firewalls, and workplace IT systems.
  • Ability to turn external exposures and technical network risks into clear, actionable fixes for IT and Security teams.
  • Experience with core web vulnerabilities and limited, scoped testing of modern API interfaces.
  • Strong scripting ability in Python, PowerShell, Bash, or similar to automate perimeter mapping, emulation workflows, and asset discovery.
  • Good understanding of scanning, reconnaissance, and interception tools.
  • Strong documentation skills.

Technology Expertise Any of the following: Kali Linux toolset, Nmap, Shodan, Censys, Masscan, Amass, Dig/DNS testing tools, Wireshark, Burp Suite, OWASP ZAP, Microsoft Defender XDR, CrowdStrike Falcon, SentinelOne, Atomic Red Team, Caldera, Python, PowerShell, Bash, VPS environments (Linux/Windows Server OS), Firewalls, Routers, Git, Jira, Confluence

What's in it for you

  • Sporty is a remote-first company in pursuit of sustainability
  • A competitive salary plus individual performance-based bonuses every quarter
  • 28 days paid annual leave
  • Core working hours of 10am-3pm in your local time zone, with flexibility outside of these hours
  • Referral bonuses and flash bonuses
  • Top-of-the-line equipment
  • Annual company retreats that provide opportunities to connect and collaborate with colleagues from around the world

Interview Process:

  • Remote video screening with our Talent Acquisition Team
  • Online assessment via Hackerrank
  • Remote video interview with Team Members (60 Mins)
  • Final discussion with the hiring manager (60 mins)

If you're interested, we encourage you to apply. Every application is reviewed by a member of our team, and we aim to respond within 48 hours.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
Β·

Security Engineer Related jobs

Other jobs at Sporty Group

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.