Job description
- Location:Sandton
- Employee Type:Permanent
- Department:Group Security
- Division:Central Services
Senior Offensive Security Researcher (13759)
Description
The Senior Offensive Security Researcher role exists to improve Investec's resilience to cyber threats through structured offensive research, threat-informed testing, detection improvement, and operational security collaboration.
This role sits within the Offensive Security function and bridges offensive security research, threat intelligence, detection engineering, and security architecture. The primary objective is to transform emerging threats, attacker techniques, and novel attack paths into actionable security outcomes for the organisation.
The role is focused on understanding how modern adversaries operate, assessing the relevance of emerging threats to Investec's environment, and driving measurable improvements across defensive capabilities, visibility, controls, and response readiness.
Key Responsibilities
• Conduct offensive security research into emerging threats, attacker techniques, tooling, tradecraft, and AI-enabled attack methodologies relevant to the financial sector and Investec's environment.
• Continuously monitor threat intelligence sources, public research, conferences, blogs, tooling releases, AI security developments, and attacker trends to identify emerging attack techniques and security risks.
• Define, scope, and execute structured research projects aligned to business priorities, organisational risk, and emerging threat landscapes including AI security threats.
• Develop proof-of-concept tooling, attack simulations, automation, detections, AI security validation techniques, or adversary emulation capabilities where appropriate.
• Research and assess emerging AI security threats including prompt injection, model abuse, AI-enabled social engineering, autonomous agent misuse, and adversarial AI techniques.
• Identify control gaps and provide recommendations for control hardening, AI security controls, and security architecture improvements.
• Work closely with Incident Response, Threat Intelligence, Security Operations, Security Architecture, and Operational Teams to operationalise research outputs.
• Support detection engineering initiatives by identifying logging requirements, telemetry gaps, and opportunities to improve visibility into attacker behaviour, AI system abuse, and anomalous activity.
• Produce high-quality research documentation, knowledge articles, and presentations for internal stakeholders.
• Participate in knowledge-sharing initiatives including technical workshops, lunch-and-learns, and security community collaboration where appropriate.
• Assist with high-priority incident response, threat hunting, offensive simulation, or emerging threat response activities when required.
Research Areas
Research is organised around a few broad themes rather than a fixed catalogue of topics, giving you the latitude to follow emerging threats wherever they lead. The specific focus within each theme shifts as the threat landscape evolves; representative examples include:
• Emerging AI security threats and adversarial AI, for example, prompt injection, model abuse, autonomous agent misuse, AI-enabled social engineering, and abuse of enterprise AI systems.
• Identity and infrastructure attack paths, for example, Active Directory, SAML and identity federation, SCCM and endpoint management, and cloud and hybrid identity.
• Detection engineering and visibility, or example, telemetry validation and behavioural detection of attacker and AI-system activity.
• Offensive tradecraft and tooling, for example, novel techniques targeting financial-services infrastructure, threat-actor tooling, and security automation.
Ways of Working
• Research projects will follow a structured lifecycle including scoping, prioritisation, execution, reporting, and debriefing.
• Research priorities will be informed by threat intelligence, emerging threats, business relevance, and defensive capability gaps.
• Research work will be executed in structured sprints while maintaining flexibility for urgent threats or security incidents.
• Research outputs must produce measurable value such as detections, hardening recommendations, control improvements, or risk identification.
Expected Outputs
Examples of expected outputs include:
• Detection recommendations.
• Control hardening recommendations.
• Research documentation and Confluence articles.
• Attack simulations and BAS scenarios.
• Security architecture recommendations.
• Threat-informed testing methodologies.
• Automation tooling and scripts.
• Risk tracker inputs and remediation recommendations.
Key Skills and Experience
• Strong understanding of offensive security techniques, attack chains, adversary tradecraft, and emerging AI-enabled attack methodologies.
• Experience with Windows, Active Directory, cloud and hybrid identity platforms, and enterprise infrastructure security.
• Familiarity with detection engineering, SIEM platforms, logging pipelines, security telemetry, and behavioural detection use cases.
• Understanding of emerging AI security threats including prompt injection, model abuse, adversarial AI techniques, and AI-enabled social engineering attacks.
• Ability to assess security risks associated with enterprise AI adoption, LLM integrations, and autonomous agent frameworks.
• Experience developing or analysing proof-of-concept tooling, attack simulations, automation, or detection validation techniques.
• Strong analytical, research, and problem-solving skills with the ability to translate technical findings into actionable security outcomes.
Investec Culture
At Investec we look for intelligent, energetic people filled with passion, integrity and curiosity. We value individuals who in turn value our culture that is, a flexible attitude comfortable to live with ambiguity and willing to challenge the status quo. Diversity, talent and leadership are respected in pursuit of the growth of our business. People who can manage themselves and build strong relationships in order to get things done, will perform in out of the ordinary ways in our environment.
We are committed to diversity and inclusion when recruiting internally and externally.



