Sr Product Security Engineer
BeyondTrustabout 4 hours ago
Responsibilities
- Perform deep, context-aware penetration testing of web applications, APIs, and cloud-native services.
- Build AI-powered threat hunting skills and fuzz factory plugins using Claude and Codex.
- Develop working proof-of-concept exploits for discovered vulnerabilities.
- Validate vulnerabilities from various sources and deliver specific fix recommendations.
- Partner with Cyber Defense and Security Architects to translate offensive findings into defensive capabilities.
- Build and maintain AI-driven security testing tooling integrated into CI/CD pipelines.
- Participate in threat modeling exercises to identify abuse cases and exploitation paths.
Requirements
- 5+ years in Product Security or Penetration Testing with hands-on testing and exploit development.
- Strong expertise in web application and API security, including authentication and injection attacks.
- Proficiency with penetration testing tools and methodologies.
- Hands-on experience using LLM platforms like Claude and Codex for security testing workflows.
- Experience building custom security tooling beyond off-the-shelf products.
- Strong understanding of common vulnerability classes and their real-world manifestations.
- Experience collaborating with defensive security teams to translate findings into detection capabilities.
- Understanding of cloud security fundamentals and CI/CD pipeline security.
- Strong communication skills to explain complex exploitation chains to engineering teams.