Senior APT & Automated Validation Engineer
Job description
We are seeking a Senior APT & Automated Validation Engineer who is more than a pentester—a developer who understands how to orchestrate, script and chain network and web app exploits so they run autonomously. In this role, you will engineer automated exploit scripts, configure continuous validation frameworks and safely validate vulnerabilities across live infrastructure. Experience the freedom of remote work from anywhere in Georgia, whether from the comfort of your home, our modern offices in Tbilisi and Batumi or a coworking space in Kutaisi. Responsibilities Sequence vulnerabilities together to achieve advanced outcomes, such as pairing a low-severity information disclosure with an SSRF to achieve Remote Code Execution Develop custom exploits and automate complex multi-stage authentication scripts, handling OAuth, TOTP and MFA programmatically Configure and scale continuous automated security validation tools Engineer automated exploit scripts that safely validate vulnerabilities without crashing live network infrastructure or corrupting production databases Apply intimate knowledge of the OSI model and core network protocols to orchestrate network and web app exploits Design threat models to guide validation strategies Manage vulnerabilities across production environments Leverage cyber threat intelligence to inform exploit chaining and validation efforts Requirements 3+ years of experience in penetration testing, exploit development or automated security validation Deep understanding of how to sequence vulnerabilities together to achieve outcomes such as Remote Code Execution Strong proficiency in Python, Go and Bash to write custom exploits and automate multi-stage authentication scripts Experience configuring and scaling continuous automated security validation tools such as Pentera, Cymulate and Picus Intimate knowledge of the OSI model, core network protocols such as DNS, BGP and TCP/IP Understanding of web application vulnerabilities including OWASP Top 10 and API flaws like IDOR Proven ability to engineer automated exploit scripts that can safely validate vulnerabilities without crashing live infrastructure or corrupting production databases Skills in cyber threat intelligence, threat modeling and vulnerability management We offer We connect like-minded people Delivering innovative solutions to industry leaders, making a global impact Enjoyable working environment, whether it is the vibrant office or the comfort of your own home Opportunity to work abroad for up to two months per year Relocation opportunities within our offices in 55+ countries Corporate and social events We invest in your growth Leadership development, career advising, soft skills and well-being programs Certifications, including GCP, Azure and AWS Unlimited access to LinkedIn Learning and Udemy Free English classes with certified teachers We cover it all Participation in the Employee Stock Purchase Plan Monetary bonuses for engaging in the referral program Comprehensive medical & family care package Five trust days per year (sick leave without a medical certificate) Benefits package (sports activities, a variety of stores and services) EPAM Georgia is a team of innovators united by a passion for technology. The dynamic and inclusive culture we embrace helps positively impact our communities, clients, and employees. Here you will collaborate with multi-national teams, contribute to numerous cutting-edge projects, deliver the most creative solutions, and have an opportunity to learn. Our people are at the heart of our success, and we are proud to provide talents with a solid ground to develop and grow.