about 5 hours ago
Base Salary
$156k - $229k/yr
Responsibilities
- Perform manual and automated testing of web applications, APIs, and mobile apps.
- Conduct network and cloud level assessments using various tools.
- Triage and validate vulnerability reports from scanners and bug bounty hunters.
- Execute initial prompt injection and jailbreak tests on AI prototypes.
- Draft high-quality technical reports detailing paths to compromise.
- Manage and update the team's testing infrastructure.
- Provide technical guidance to engineering teams on patching vulnerabilities.
- Design and lead Red Team operations to test detection capabilities.
- Build custom payloads and scripts to bypass security measures.
- Create automated testing frameworks for AI systems.
- Execute sophisticated attacks against cloud infrastructures.
- Collaborate with SIRT and Detection Engineering to tune SIEM alerts.
- Oversee the organization's bug bounty program and suggest security changes.
Requirements
- 7-10 years of experience in offensive security and penetration testing.
- Expert knowledge of the MITRE ATT&CK matrix and OWASP Top 10.
- Proficient in popular offensive security tools like Burp Suite and Metasploit.
- Ability to write functional scripts in Python or Bash.
- Possession of advanced industry certifications such as OSCP or OSWE is highly desirable.
- Telecom expertise is preferred.
Benefits
- Competitive pay and generous time off.
- Ample parental and wellness leave.
- Healthcare and retirement savings program.
- Remote work flexibility.