Senior Offensive Security Engineer (Cybersecurity)

TL;DR

Senior Offensive Security Engineer (Cybersecurity): Executing red and purple offensive operations and delivering results to stakeholders with an accent on identifying weaknesses in product security controls and developing novel offensive techniques. Focus on modeling real-world threats, executing simulated attacks, and partnering with product teams for remediation and continuous improvement of security processes.

Location: Remote, United Kingdom

Company

hirify.global is the world’s leading AI-powered developer platform with over 180 million developers and is home to the biggest open-source community.

What you will do

• Conceptualize, plan, and execute offensive operations, leveraging threat intelligence.
• Digest application and service architectures to identify potential threats and avenues for exploitation.
• Identify weaknesses in product security controls, including vulnerabilities, misconfigurations, and process gaps.
• Advocate for best security practices and provide an offensive perspective to security initiatives.
• Partner with internal security and engineering teams on collaborative engagements.
• Collaborate with engineering teams and leadership to communicate risks and remediation expectations.

Requirements

• 7+ years of experience in security analysis, security research, cybersecurity, or security engineering.
• 3+ years of offensive experience including attack simulation, capability development, or vulnerability research.
• 1+ years of experience creating tooling in Python, Go, Ruby, or Javascript.
• 1+ years experience identifying common security vulnerabilities and mitigations within web applications and cloud infrastructure.
• English B2 proficiency required.

Nice to have

• 5+ years of offensive security experience, including red team engagements targeting macOS and cloud technologies (Azure, AWS, Containers, Kubernetes).
• Strong familiarity with the hirify.global platform and products.
• Contributed to open-source offensive security tooling or delivered novel research at industry conferences.
• Knowledge of approaches to evade EDR and similar defensive controls.
• Experience in security architecture review and threat modeling, especially with Ruby on Rails or Go applications.

Culture & Benefits

• Remote-first work environment.
• Competitive pay and generous learning and growth opportunities.
• Excellent benefits to support employees wherever they are.
• Diverse and inclusive culture with a focus on customer obsession, shipping to learn, and growth mindset.
• Emphasis on creating space for employees to do their best work.