Skip to content

Lead IT Security AI-Redteamer

DKB Code FactoryRemote (Spain, València, VC, Spain)July 18, 2026
Remote
Full-time
Pentesting
Management

We****lcome to DKB Code Factory…. 

{ { … a_place_to_stay_yourself:

} } ; 

{ { … a_place_to_stay_curious:

Lead Code Factory Spain’s offensive security capability as the Lead IT Security AI Redteamer. Use AI driven redteam techniques to find and validate vulnerabilities across APIs, cloud platforms, and internal systems, while coaching a small team and establishing a repeatable, scalable redteam service that materially reduces attack surface for strategic banking products 

} } ; 

{ your_responsibilities: [

  • Lead and perform AI-assisted red team engagements across web applications, APIs, cloud workloads and infrastructure, and deliver prioritized technical reports and executive summaries. 
  • Manage and develop two direct reports, run regular 1:1s, performance reviews, and development plans; contribute to hiring and team growth. 
  • Provide clear remediation guidance and validate fixes, prioritizing critical and high findings.
  • Configure, tune and maintain offensive tooling and develop automation playbooks that reduce manual triage and false positives.
  • Integrate recurring security checks into CI/CD pipelines and platform processes to enable continuous testing and attack-surface reduction.
  • Lead remediation workshops and knowledge transfers, and produce reusable runbooks for product and platform teams.
  • Coordinate triage and handoff with SOC, IT Ops, product teams and central IT Security, and support governance and compliance mapping (OWASP, API Security Top 10, CVSS).

] } ;

{ following_qualifications_would_be_in_line_with_our_desired_profile_for_this_position: [

  • Proven hands on experience in red team or offensive security testing across web apps, APIs, and cloud environments.
  • Solid understanding of OWASP Top 10, API Security Top 10, CVSS, secure SDLC, threat modeling.
  • Experience with AI assisted offensive tooling or demonstrable integration of ML/NLP techniques into offensive workflows (e.g., Mythos, GPT Cyber).
  • Strong practical experience with Burp Suite, OWASP ZAP, Nmap, Metasploit, Nessus/OpenVAS, and Kali Linux.
  • Solid cloud security knowledge, particularly AWS, and experience with Kubernetes and container security. 
  • Scripting and automation skills (Python, Bash) and experience integrating security checks in Git/GitLab CI or equivalent CI systems.
  • Strong stakeholder management skills, with the ability to engage confidently with engineering teams, senior stakeholders and leadership.  
  • Excellent written and verbal communication skills in English.
  • Experience with SIEM/logging platforms, OpenSearch, Grafana, or production monitoring stacks and prior experience in financial services or regulated environments are a plus.

] } ;

Got the feeling not to match every single requirement? Don’t worry! We encourage you to apply anyways, even if your qualifications do not align perfectly. You might still be just the right candidate for us!

{ { … a_place_to_stay_together:

From Morning Daily to Afterwork Drink, team spirit is essential to us. The heart of our togetherness is that we truly are connected with each other: We not only share fun & laughter, but also honest opinions - because that's how we grow: We exchange ideas, give support in our personal development, and celebrate success together! Besides our great community, we also offer numerous other benefits... 

} } ;

Job Details

Experience

Management

Tools & Tech

AWS
Bash
Burp Suite
ChatGPT
Git
GitLab
GitLab CI
Grafana
Kubernetes
Linux
Metasploit
Nessus
Nmap
OWASP ZAP
Python