Security Engineer - Purple Team specialist H/F
Quick Summary
you can convince a product team to fix something they didn't want to hear about. Experience: ~3–5 years in offensive security, detection engineering or a mixed red/blue role.
The cybersecurity team includes Red/Purple/Blue teamers and risk & compliance oriented profiles, all working together to fix security weaknesses with innovative solutions, adapted to business needs. A Bug Bounty program, an authenticated program on our partner-facing platforms, an annual external Red Team engagement and recurring compliance assessments keep us honest, and our radar sharp.
Our threat detection & incident response runs fully in-house, nothing is outsourced: you can touch everything, from detection engineering, case management and response, threat intelligence and the vulnerability lifecycle to the AI agents orchestrated on top of it all. Automation and AI are at the core of everything (who doesn't?): agents triage our alerts 24/7 so humans focus on what matters, an LLM pipeline audits our code, and every confirmed finding feeds a remediation loop with product teams.
Attack Veepee's perimeter the way a real adversary would: red team, penetration tests (grey/black/white/AI box), Active Directory attack paths, phishing campaigns and the business web based processes themselves (member journeys, seller flows, payment chains), hunting for logic flaws no scanner will ever find.
Put our risk register and threat intelligence to the test: take a stated risk or an emerging threat and confirm it, or refute it, with a working attack scenario.
Qualify what comes in from the outside: Bug Bounty reports (public and authenticated programs) and alerts escalated by our RAG agents during the cyber-watching rotation.
Convert every confirmed attack path into something that runs without you: a detection rule, a hunting query, an automated control. If a bot can do it, we automate it.
Build and improve the team's tooling: AI-assisted code audit, password auditing, secret hunting, attack-surface monitoring.
Carry your findings through to remediation: explain the impact to product and infra teams, propose the fix, track it through our vulnerability-management lifecycle, and re-attack to prove it's closed.
Share your discoveries with technical and business teams and spread security culture in accordance with day-to-day constraints.
The most important thing is motivation! Naturally curious profiles who enjoy proving or disproving that an attack works, and who don't consider the job done until it's fixed.
Solid offensive skills: web and API penetration testing (OWASP), Active Directory attack techniques, and a taste for business-logic abuse beyond the technical stack.
Investigation fundamentals: comfortable digging through EDR, logs and network data to reach a verdict, and turning attacker behavior into detection logic or solid on the offensive side with a strong will to grow there.
Scripting and automation (Python, Bash, PowerShell); interest in AI-assisted security tooling (LLM-based code audit, agentic workflows) is a strong plus.
You document what you do and make it reproducible.
Strong communication skills: you can convince a product team to fix something they didn't want to hear about.
Experience: ~3–5 years in offensive security, detection engineering or a mixed red/blue role.
Language: French and professional English.
Location & Eligibility
Listing Details
- Posted
- July 15, 2026
- First seen
- July 17, 2026
- Last seen
- July 17, 2026
Posting Health
- Days active
- 0
- Repost count
- 0
- Trust Level
- 70%
- Scored at
- July 17, 2026
Signal breakdown
Please let Veepee know you found this job on Jobera.
3 other jobs at Veepee
View all →Explore open roles at Veepee.
Similar Security Engineer jobs
View all →Browse Similar Jobs
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
No spam. Unsubscribe at any time.
