Staff Offensive Security Engineer

You will plan and execute security assessments across applications, infrastructure, and physical environments to simulate adversary behavior and identify real-world risks. You will perform threat modeling and penetration testing, develop tooling and automation for testing, run adversarial simulations with detection teams, lead remediation efforts and security incidents when needed, and mentor other security engineers while clearly communicating findings to technical and non-technical stakeholders.

Responsibilities

• Evangelize Offensive Security findings and projects with stakeholders and collaborate to create balanced solutions
• Mentor and provide guidance to members of the Offensive Security team
• Plan and execute red team exercises including long-term assessments that simulate real-world attack scenarios
• Perform threat modeling and penetration testing across applications, infrastructure, and corporate environments
• Develop scripts and tools to support and automate security testing activities
• Partner with detection and response teams to run adversarial simulations and improve incident readiness
• Communicate findings clearly and work with engineering teams to remediate identified risks
• Lead security incidents when pentest or red team findings require incident response
• Plan and participate in adversarial simulation exercises with various security teams

Requirements

• 8+ years of experience conducting red team operations or advanced penetration testing
• Experience mentoring or supporting the development of other security engineers
• Excellent written and verbal communication skills with ability to communicate to engineers and executives
• Familiarity with common network protocols and standards such as DNS and TCP/IP
• Experience with MacOS and Linux
• Experience leveraging CI, container orchestration systems, and cloud providers (Kubernetes, Docker, AWS, GCP) to attack and harden systems
• Knowledge of defensive tools and techniques (IDS, IPS, packet capture, network analysis, AV, EDR) and evasive techniques
• Deep understanding of MITRE ATT&CK Framework
• Strong understanding of access and identity security fundamentals
• Comfortable reading and writing Python, Go, and JavaScript
• Ability to research and execute testing plans for new technologies and processes
• Demonstrated experience working with distributed teams and documenting technical details in text-based mediums

Benefits

• Market competitive and pay equity-focused compensation structure
• Bonus opportunities
• Equity
• 100% paid health insurance for employees with 90% coverage for dependents
• Annual lifestyle wallet for wellness and learning
• Lifetime family forming and fertility benefits
• Dedicated mental health support for employees and eligible dependents
• Generous time away including company holidays, paid time off, sick time, and parental leave
• Lively office environment with catered meals and fully stocked kitchens
• Geo-specific commuter benefits