Urgent: Sr. Penetration Testing and Cloud Automation Engineer Proofpoint

Corporate Overview

Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks: vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web.

We are singularly devoted to helping our customers protect their greatest assets and biggest security risk: their people. That’s why we’re a leader in next-generation cybersecurity. Protection Starts with People. #Proofpoint.

The Role

We are looking for a highly skilled and experienced Senior Security Engineer with a strong focus on Penetration Testing and Cloud Security Automation/DevSecOps to join our Security Engineering team.

In this role, you’ll lead internal penetration testing efforts and red-team style assessments of critical infrastructure and applications, enabling secure-by-default infrastructure and secure software delivery pipelines. You will also apply your expertise in scripting, infrastructure-as-code (IaC), and cloud-native security practices to improve posture, visibility, and response.

Based in Cork, Ireland this key role will drive key Cloud/Data Centre security initiatives for Proofpoint Product portfolio. This is a high-impact role where you’ll help define and execute both the offensive testing strategy and defensive automation roadmap. You’ll be a go-to expert in uncovering vulnerabilities and building durable controls to prevent their exploitation at scale.

Key Responsibilities

- Penetration Testing & Offensive Security:

- Design and execute targeted internal red team / penetration tests across infrastructure, SaaS, APIs, and cloud environments

- Perform manual and automated testing to simulate real-world attack scenarios, including lateral movement and privilege escalation

- Collaborate with engineering teams to remediate findings through secure architecture and configuration
n

- Perform application security testing (black-box, grey-box, and white-box), including SAST, DAST, and manual review
- Conduct red-team and purple-team exercises to simulate attacker behaviours and validate detection/resilience capabilities
- Support the development of exploit POCs, custom tooling, and automation pipelines for recurring testing scenarios
- Security Automation & DevSecOps: Architect and build scalable cloud security automation pipelines from first principles, Develop and maintain Terraform modules, CI/CD integrations, and IaC security gates, Build and operate security data pipelines to ingest and analyse scan and detection data at scale
- Architect, build, and maintain security data pipelines to ingest, normalize, and analyse telemetry at scale
- Lead or contribute to threat modelling, risk assessments, and security architecture reviews.

What You Bring to the Team

- Extensive experience in Offensive Security, DevSecOps, security engineering roles
- Penetration testing experience across infrastructure, cloud services, and web applications
- Familiarity with tools such as: Burp Suite, Metasploit, Nmap, OSINT, BloodHound, Prowler, Kube-hunter, or custom scripts
- Solid understanding of MITRE ATT&CK, OWASP Top 10, CWE, and cloud attack paths
- Thorough understanding of AWS, Azure, or GCP security models, IAM, and threat surfaces
- Proven ability to build cloud-native security automation using Terraform (IaC), CI/CD tools and pipelines, Python/Go/Bash
- Excellent communication and collaboration skills with the ability to drive cross-functional initiatives.

Beneficial Experience

- Experience with SIEMs, SOAR, or threat intel platforms
- Experience with container security (e.g., Docker, Kubernetes, Falco, Trivy)
- Exposure to managing Network IPS/IDS systems (such as Stamus/Suricata)
- Certifications: OSCP, OSWE, OSEP, CRTO, GXPN or equivalent are a plus

Why Proofpoint

Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We’re a customer-focused and a driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly ‘culture-add’, and we strongly encourage people from all walks of life to apply.

We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. Apply today and explore your future at Proofpoint #LifeAtProofpoint

#J-18808-Ljbffr