At Qualtrics, we create software the world's best brands use to deliver exceptional frontline experiences, build high-performing teams, and design products people love. But we are more than a platform - we are the creators and stewards of the Experience Management category, serving over 18K clients globally. Building a category takes grit, determination, and a disdain for convention - but most of all, it requires close-knit, high-functioning teams with an unwavering dedication to serving our customers.
When you join one of our teams, you'll be part of a nimble group that's empowered to set aggressive goals and move fast to achieve them. Strategic risks are encouraged, and complex problems are solved together by passing the microphone and iterating until the best solution comes to light. You won't have to look to find growth opportunities - ready or not, they'll find you. From retail to government to healthcare, we're on a mission to bring humanity, connection, and empathy back to business. Join over 5000 people across the globe who think that's work worth doing.
Offensive Security Engineer II - Krakow PL
Why We Have This Role
Qualtrics operates in an environment where security threats are constantly evolving, making it essential to prioritize security across our operations. The Offensive Security Engineer plays a vital role in strengthening our products and infrastructure by proactively identifying and exploiting security vulnerabilities, helping to safeguard against evolving threats before they can be exploited. This individual will conduct thorough security assessments and penetration tests across applications and infrastructure, collaborating closely with development and operations teams to identify weaknesses and support effective remediation. These contributions are vital in protecting customer data, strengthening the company's reputation, and ensuring that we deliver secure services consistently.
How You'll Find Success
- Offensive Security Security Mindset: Demonstrate a deep technical understanding of security vulnerabilities from an attacker's perspective, embodying the Try Harder ethos as a disciplined, resilient, and methodical approach to overcoming challenges through curiosity, creativity, and sustained effort.
- Proactive Initiative: Take ownership of security-related outcomes, actively gathering necessary context to work autonomously toward the goals of platform security.
- Effective Communication: Foster trust and collaboration by communicating clearly and effectively across all levels of the organization.
- Security Knowledge: Possess an extensive understanding of security concerns related to products, cloud environments, and infrastructure, providing valuable insights.
- Collaborative Spirit: Build strong relationships across various product teams to propel security initiatives forward and facilitate cohesive security practices.
- Analytical Thinking: Demonstrate sound judgment and problem-solving abilities in addressing complex security issues efficiently.
- Commitment to Learning: Keep pace with the latest trends and developments in security, continuously enhancing your expertise in threat mitigation and security best practices.
How You'll Grow
- Deepening Security Knowledge: Deepen your expertise in key areas of offensive security, such as penetration testing, secure coding practices, threat modeling, and application vulnerability management, allowing you to tackle increasingly complex security challenges within our product development lifecycle.
- Leadership in Security Initiatives: Take the lead on critical security initiatives, including driving security assessments and code review processes, strengthening your leadership capabilities and making a measurable impact on our security posture.
- Strategic Influence: Collaborate with cross-functional teams to shape and influence security policies and frameworks, contributing to the overall security strategy of the organization and enhancing your ability to drive organizational change.
- Knowledge Development: Remain current with security trends, augmenting your understanding of emerging threats and innovative solutions.
- Innovation and Research: Explore and experiment with new security technologies and methodologies, providing innovative solutions to security challenges and reinforcing your position as a key contributor to the organization's security advancements.
Things You'll Do
- Perform thorough white, grey, and black-box penetration testing, specifically focused on identifying security vulnerabilities in Qualtrics web applications.
- Produce clear, comprehensive business and technical documentation for all penetration testing engagements, effectively communicating findings, risks, and remediation recommendations to both technical teams and executive stakeholders.
- Work with engineering teams to design and develop applications that incorporate security best principles.
- Analyze software applications for security vulnerabilities using manual and automated source code review tooling.
- Identify security risks and weaknesses in software architecture by performing application threat modeling.
- Use security testing tools to identify, track, and fix vulnerabilities in applications and enterprise infrastructure.
- Maintain and generate reports on application and infrastructure security posture metrics, KPIs, and vulnerabilities to support enterprise and security architects.
- Conduct internal pen test engagements with the Qualtrics Security Operations teams and Engineering stakeholders.
- Collaborate with Engineering teams through multiple channels, including application review sessions, threat modeling, and security champions program.
- Own and operate the Qualtrics vulnerability disclosure and bug bounty programs.
What We're Looking For On Your Resume
- Minimum of 3 years of recent experience in offensive security.
- Conduct comprehensive penetration testing on complex web applications, identifying and exploiting vulnerabilities.
- Produce clear, comprehensive business and technical documentation for penetration testing engagements, and effectively communicate findings, risks, and remediation recommendations to both technical teams and executive stakeholders.
- Familiarity with application security frameworks (e.g., OWASP Top Ten).
- Relevant pentesting-related security certifications such as, but not limited to, CEH, GWAPT, GPEN, OSCP, GCIH, OSEP.
- Demonstrated track record of discovering, reporting, and responsibly disclosing Common Vulnerabilities and Exposures (CVEs).
- Strong knowledge of AWS security best practices, including IaC as it pertains to hardening a cloud-centric infrastructure.
- Experience with the Secure Development Lifecycle (SDL) framework and its phases.
- Bachelor's degree from an accredited college or university in Computer Science, Information Technology, or Engineering, or relevant work experience.
- Development experience using either Python, JavaScript, Ruby, Go, or other relevant language; minimum three years of recent work experience identifying and mitigating security issues in software, and knowledge of secure code development best practices.
- Experience using SAST, SCA, DAST, and CNAPP tools.
- Excellent communication skills and meticulous attention to detail.
Remember, we're more interested in the achievements you've made over the years than the number of years you've worked. If you have confidence in your abilities but hesitate to apply due to self-doubt, we encourage you to take the leap.
What You Should Know About This Team
- Innovative Environment: The Security Engineering team is at the forefront of Qualtrics' cutting-edge advancements in Experience Management and AI, employing advanced technologies to enhance the integrity and security of our platform.
- Critical Function: Our efforts are foundational to the insights our clients derive across their entire lifecycle, from employee experience to market research. By securing vital data, we empower organizations to bridge the digital divide and roll out intuitive products globally.
- Technical Expertise: Though we have a specialized focus on security, our work is highly technical and innovatively driven, rooted in complex problem-solving.
- Significant Impact: By ensuring robust security and data protection, our team significantly enhances the quality and trustworthiness of Qualtrics' offerings, reinforcing customer confidence.
- Growth-Oriented Culture: We promote a learning environment where team members can work with advanced tools and methodologies, expanding their skill sets while contributing to the company's ambitious mission.
Joining our team means stepping into a role that's vital, challenging, and deeply linked to Qualtrics' aim of reshaping industries by harnessing the power of Experience Management and AI.
Our Team's Favorite Perks and Benefits
- Wellness Reimbursement for $300 per quarter for wellness activities, including gym memberships, spa massages, workout equipment, meditation apps, and much more.
- $1800 Experience bonus to be used for an Experience of your choosing.
- Amazing QGroup Communities: MOSAIQ, Green Team, Qualtrics Pride, Q&Able, Qualtrics Salute, and Women's Leadership Development, which exist as places for support, allyship, and advocacy.
The Qualtrics Hybrid Work Model: Our hybrid work model is elegantly simple: we all gather in the office three days a week, Mondays and Thursdays plus one day selected by your organizational leader. These purposeful in-person days in thoughtfully designed offices help us do our best work and harness the power of collaboration and innovation. For the rest of the week, work where you want, owning the integration of work and life.
Qualtrics is an equal opportunity employer, meaning that all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
Qualtrics is committed to the inclusion of all qualified individuals. As part of this commitment, Qualtrics will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please let your Qualtrics contact/recruiter know.
Not finding a role that's the right fit for now? Qualtrics Insiders is the one-stop shop for all things Qualtrics Life. Sign up for exclusive access to content created with you in mind and get the scoop on what we have going on at Qualtrics - upcoming events, behind the scenes stories from the team, interview tips, hot jobs, and more. No spam - we promise! You'll hear from us two times a month max with fresh, totally tailored info - so be sure to stay connected as you explore your best role and company fit.