Senior Offensive Security Engineer
Senior Offensive Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
As an Offensive Security Engineer within the Detection and Response team (DART) youll lead offensive security assessments that strengthen our defense capabilities. Working closely with the larger InfoSec team detection engineers and external engineering partners youll identify security weaknesses validate detection mechanisms and provide actionable recommendations to enhance our security posture. Youll collaborate with various architecture and engineering teams to continuously validate and improve our security controls and detection capabilities with a strong focus on developing repeatable testing frameworks and metricsdriven security improvements.
You Will:
- Lead offensive security assessments: conduct fullstack security assessments across our entire technology stack.
- Drive detection engineering partnerships: collaborate with detection engineers through purple team exercises attack simulations and threat emulation to improve detection coverage.
- Develop custom tools and frameworks: build and maintain security testing tools BAS frameworks and automation scripts that enable repeatable testing and quantifiable security improvements.
- Build security metrics: design and implement frameworks to measure security control effectiveness detection coverage and improvement over time through consistent testing methodologies.
- Research and innovate: stay current with the latest attack techniques tools and methodologies while building out both offensive and defensive security improvements.
- Mentor and collaborate: share knowledge across security teams and foster a culture of continuous security improvement.
You Have:
- 7 years: professional experience in offensive security with demonstrated experience in purple team exercises breach attack simulation and detection engineering teamwork.
- Development experience: proficiency in Python or Go for building security tooling and automation including experience with SOAR platforms and configuration management.
- Security assessment expertise: performing fullstack security assessments of web applications APIs cloud infrastructure and backend systems.
- Platform expertise: implementing and managing breach attack simulation platforms while working with detection engineering teams to validate and improve detection coverage.
- Deep understanding: of OWASP Top 10 vulnerabilities; common attack techniques; exploit development; postexploitation methodologies; security assessment frameworks (MITRE ATT&CK PTES); BAS methodologies; and modern detection stack components (EDR SIEM XDR).
- Knowledge: of security concepts including reverse engineering cloud security (AWS/Azure/GCP) container security CI/CD pipeline security API security and security metrics development.
- Certifications: such as OSCP OSCE GXPN or equivalent practical experience.
- Interpersonal skills: strong analytical and problemsolving abilities; excellent technical writing for detailed reports; ability to clearly communicate complex technical concepts; selfmotivated with a passion for offensive security and detection engineering.
Required Experience:
Senior IC
Employment Type
Full Time
