Job Description
What you'll be doing
Work in a team-orientated, fast-paced, global, and flexible environment
Perform penetration testing across our entire product and infrastructure
Perform SaaS-based red team exercises with specific, goal-oriented objectives
Continuously evolve your skills and knowledge toward AI evaluation, based on emerging tactics, techniques and procedures related to AI agent vulnerabilities
Collaborate with our AI Security, threat intelligence, threat monitoring and threat engineering teams to understand our threats, provide practical validations of threats and ensure our protections and incident response are continuously refined
Provide actionable insights for our Product Development team regarding vulnerabilities
What you bring to the role
A deep understanding of SaaS environments including the unique security threats that apply.
Strong technical understanding of LLM architectures, RAG pipelines, and agentic AI systems, including their attack surfaces, vulnerabilities, and security implications
A demonstrated understanding of quantitative analysis for large-scale evaluations.
Excellent problem-solving skills and self-motivation to learn and upskill regularly.
Excellent communication skills, with the ability to actively listen, take on feedback and be a positive member of any team.
Basic Qualifications:
At least 7 years of professional experience in the field of offensive security.
A strong knowledge of modern web application architecture and the vulnerabilities often associated with it.
A strong knowledge of LLMs including their unique security threats, and how embedded vectors impact performance
Proficiency in offensive security tooling such as a web proxy like Burp Suite, Nmap, Kali and a scripting language of your choice.
Preferred Qualifications:
Experience with AWS and its security features
Experience with developing or testing AI systems at scale.
Experience with AI Security tools (e.g., promptfoo, etc.)
Experience with macOS & Apple infrastructure and its security features
10+ years of professional experience in the field of offensive security
Professional certifications related to offensive security, including but not limited to: OSCP, CEH, CPT, GPEN, OSCE, OSWP, OSWE, OSEE, OSDA, PNPT, CPENT, CRTO, GXPN
Published vulnerabilities, bug bounty reputation or other contributions to the industry
Talks, conference appearances or other professional event experience
The US annualized base salary range for this position is $215,000.00-$323,000.00. This position may also be eligible for bonus, benefits, or related incentives. While this range reflects the minimum and maximum value for new hire salaries for the position across all US locations, the offer for the successful candidate for this position will be based on job related capabilities, applicable experience, and other factors such as work location. Please note that the compensation details listed in US role postings reflect the base salary only (or OTE for commissions based roles), and do not include bonus, benefits, or related incentives.
Staff Offensive Security Engineer • Montreal, Canada