We are looking for a Senior Offensive Security Engineer to join Kredivo Group’s offensive security team.

You will actively test and strengthen the defences behind Timo’s digital banking platform, conducting penetration tests, simulating real-world attacks, and partnering with engineering teams to remediate vulnerabilities. Working closely with Kredivo Group’s Information Security function, you will help raise the security bar across Timo’s web, mobile, and infrastructure environments.

What You Will Do

• Conduct penetration tests and vulnerability assessments across Timo’s infrastructure, web applications, and mobile apps.

• Simulate real-world attacks to identify weaknesses, assess impact, and prioritize remediation.

• Use industry-standard tools, such as Metasploit, Burp Suite, Nmap, and similar, to identify exploitable issues.

• Document findings clearly, produce detailed reports with risks, exploit paths, and recommended mitigations.

• Partner with the Engineering and Infrastructure teams to remediate vulnerabilities and embed secure practices.

• Integrate security testing into CI/CD pipelines to enable continuous security validation

• Build automation, develop scripts and tools (Python, PowerShell, or similar) to streamline offensive security operations.

• Stay ahead of emerging threats, research new attack techniques, tools, and defences.

What We Are Looking For

Experience

• 4+ years in offensive security, penetration testing, or red teaming .

• Hands-on experience testing web applications, mobile applications, and cloud infrastructure.

• Comfortable working in agile, cross-functional environments.

Skills & Expertise

• Strong knowledge of penetration testing frameworks.

• Hands-on with industry-standard offensive tools.

• Experience identifying and exploiting vulnerabilities in Web, Mobile, Infrastructure layers.

• Proficient in scripting: Python, PowerShell, Bash, or similar.

• Familiarity with cloud security is preferred.

• Experience integrating security testing into CI/CD pipelines.

• Professional working English: regular collaboration with Kredivo’s regional Information Security team and Timo’s local engineering teams.