Company Description

Sovereign AI is a UK-based AI infrastructure and solutions provider building the next generation of sovereign-grade AI data centres across EMEA. Designed for resilience, security, and scale, Sovereign AI enables commercial and government customers to deploy advanced AI with confidence in environments where performance, reliability, and compliance are non-negotiable. Focused on regulated and mission-critical sectors including Government, Defence, Healthcare, and Financial Services, Sovereign AI is creating the trusted foundations for AI adoption at scale, combining robust infrastructure with disciplined governance to support long-term innovation and national-level capability.

What you'll be doing

• Plan and execute cloud penetration tests and full-spectrum red team exercises against AWS, Azure, and GCP environments.

• Conduct assumed-breach engagements focusing on initial access, lateral movement, privilege escalation, and data exfiltration.

• Discover and exploit cloud-specific flaws, including IAM privilege escalation, metadata service (IMDS) abuse, and misconfigured storage buckets.

• Test Kubernetes environments for container escapes, RBAC bypasses, and secrets extraction.

• Develop and maintain custom offensive tooling, Command and Control (C2) infrastructure, and cloud-specific exploits.

• Write high-quality reports featuring technical narratives, reproduction steps, and actionable remediation guidance.

• Deliver debrief sessions to translate findings into fixes and collaborate with blue teams on purple team exercises to validate SIEM detections.

• Stay current on emerging TTPs and cloud attack techniques to contribute to the internal knowledge base.

Qualifications & Skills

• Deep knowledge of AWS IAM escalation paths (Rhino/HackTricks patterns) and Azure Entra ID abuse (PIM, service principals).

• Proficiency with offensive tools such as Pacu, Prowler, ScoutSuite, and ROADtools to identify exposed assets and leaked credentials.

• Expertise in SSRF/metadata abuse, container breakout techniques, and cloud-native lateral movement.

• Experience operating C2 frameworks like Cobalt Strike, Havoc, or Sliver within cloud-hosted infrastructure using OpSec-safe execution.

• In-depth understanding of the OWASP Top 10 and cloud-specific API attack surfaces (OAuth 2.0, OIDC token abuse).

• Proficiency in Python for cloud API interaction (Boto3, Azure/GCP SDKs) and custom exploit development.

• 4+ years in offensive security with at least 2+ years specifically focused on cloud-native services.

• Relevant credentials such as OSCP, CRTO, PNPT, or cloud-specific Security Specialties (AWS/Azure/GCP).

Why join us?

• Simulate sophisticated adversary techniques to secure infrastructure for mission-critical sectors like Defence and Healthcare.

• Stay at the forefront of cloud security by breaking and securing the latest AI infrastructure and containerised environments.

• Work in a collaborative environment where offensive findings directly drive the improvement of global detection capabilities.

• Join a high-growth UK leader building the trusted foundations for national-level AI adoption at scale.