Senior Offensive Security Engineer
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Offensive Security Engineer in the United States.
This role sits at the core of a mature offensive security function focused on simulating real-world adversaries and strengthening enterprise defenses. You will design and execute advanced red team and purple team engagements to uncover weaknesses across cloud, application, endpoint, and human attack surfaces. The work is highly hands-on, blending penetration testing, adversary emulation, and security research in a fast-moving technical environment. You will collaborate closely with detection, incident response, and product security teams to translate findings into measurable defensive improvements. The environment is highly collaborative, expert-driven, and built around continuous learning and threat-informed security practices. This position offers significant autonomy in shaping offensive methodologies and improving organizational resilience at scale.
Accountabilities:
- Plan, design, and execute red team and purple team exercises that emulate advanced adversary tactics, techniques, and procedures across diverse environments.
- Perform penetration testing across web applications, cloud infrastructure (AWS, Azure), endpoints, internal systems, and human attack vectors, including social engineering campaigns.
- Develop and adapt offensive tooling using scripting and generative AI platforms to replicate threats and automate operational workflows.
- Partner with SOC and incident response teams to improve detection engineering, response playbooks, and overall security visibility.
- Analyze vulnerabilities through deep technical investigation and operational logging, translating findings into actionable remediation guidance.
- Produce clear, structured technical and executive-level reports and participate in after-action reviews to drive continuous improvement.
- Contribute to the evolution of red team strategy, tooling, and integration into broader security programs.
- 3+ years of experience in offensive security, penetration testing, or red teaming roles.
- Strong understanding of adversarial tradecraft, attack lifecycle frameworks, and real-world exploitation techniques.
- Hands-on expertise with cloud platforms such as AWS and Azure.
- Proficiency in scripting languages (e.g., Python, Bash, or similar) and experience building security automation tools.
- Ability to clearly document and communicate complex technical findings to both technical and non-technical stakeholders.
- Strong analytical and problem-solving mindset with a pragmatic, impact-driven approach.
- Experience working in macOS-based environments is considered a strong advantage.
- Familiarity with modern security operations and detection engineering concepts.
- 100% remote work environment with long-standing distributed team culture.
- Competitive compensation package including base salary, bonus, and equity opportunities.
- Comprehensive health coverage including medical, dental, and vision plans.
- 401(k) plan with employer contribution regardless of employee participation.
- Generous paid time off, including vacation, sick leave, and paid holidays.
- 12 weeks of fully paid parental leave.
- Stock options for all full-time employees.
- Home office setup reimbursement and monthly digital wellness stipend.
- Annual learning and professional development budget.
- Access to coaching and personal development platforms to support career growth.