Senior Security Engineer

Santa Clara, CA

Posted: 10/31/2019 Industry: Software Engineer Job Number: 23689

Job Description

Category : Software Engineer
Location/City : CA - Santa Clara
Area Code : 510
Job Type : 1: Full Time
Country/Locale :
Id : 23689


Senior Security Engineer - Red Team
Santa Clara (San Francisco Bay Area)



About the position:
We are looking for a Senior Security Engineer passionate about identifying security
vulnerabilities in designs. You will participate in continuously improving security posture of
Our Edge Computing platform which is used to deploy global, scalable and secure
applications. Your work includes, but not limited to, understanding the architecture and
implementations of our platform, using and building tools to identify vulnerabilities, provide
example exploitation code/steps, recommend mitigation strategies, and verification of mitigation.


Responsibilities:
? Collaborate with architects, operations, and business leaders to understand the attack
surface areas, prioritize assessment areas based on threat level, document test plans,
design testing solutions, and implement them to provide strong security to our platform.
? Conduct vulnerability assessments at Web, Container, Network, and System levels using
tools (such as Burp Suite, Cobalt Strike, Metasploit, Empire, Nessus, Nexpose, nmap, etc.)
and manual techniques. You will also write your own tools and automation scripts for
repeated testing.
? Keep abreast with industry best practices around Web Application Security, Container
Security, System security, etc. and make them part of your recommendations.
? Make use of existing monitoring and alerting systems and/or build tools to alert on anomalies
in system behavior.
? Demonstrate technical leadership in your domain areas; mentor non-security teams and
review the security fixes
? You will vet various open source and closed source technologies, components, libraries,
tools, etc.
? Hands-on coding in multiple languages while considering performance, scalability,
maintainability, and flexibility
? Excellent written and verbal communication skills


Minimum qualifications:
? BS degree in computer science or equivalent
? Proven experience in Red Teaming - Minimum 2 years
? Industry Certifications (e.g. OSCP, OSCE, GPEN, CREST)
? Deep knowledge of Application, Web and Network penetration testing techniques
? Proficiency in a programming/scripting language(s) (e.g. Python, Go, C, C++, Powershell)
? Good understanding of web, networking, and protocols (TCP, HTTP, DNS, TLS, IPSec)
? Good understanding of Cloud and Cloud-native technologies (Docker, Kubernetes, etc.)
? Experience employing phishing and other social engineering tactics
? Proven ability to effectively communicate findings and mitigation strategies to stakeholders
and develop comprehensive and accurate reports and presentations for both technical and
executive audiences


Desired qualifications:
? Experience writing highly reliable backend services
? Experience with running Bug Bounty
? Experience reviewing source code


About the company:
We are a startup focused on Edge Services and funded by venture firms - Mayfield, Khosla
Ventures & Microsoft M12.
We are an equal opportunity employer and value diversity at our company. We do not
discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age,
marital status, veteran status, or disability status.
We offer a comprehensive benefits package for full-time employees: Medical, Dental, and
Vision Insurance; Flexible Spending Accounts (health, dependent care, & transit); Life and AD&D
Insurance; Short-Term and Long-Term Disability Insurance; 401(k) with a Company match of up
to 6%; and un-accrued flexible time off.



Apply Online

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.