Remote Senior Security Engineer (Offensive)

Description:

• Develop security architectures for various IT+workforce projects.
• Create detailed design documents and guidelines for Engineering Teams.
• Ensure security requirements are detailed and integrated into all stages of the SDLC.
• Execute comprehensive penetration tests on web applications, networks, and systems to identify security vulnerabilities.
• Perform advanced red team exercises to simulate real-world attack scenarios and assess the effectiveness of security defenses.
• Develop and execute detailed attack plans, leveraging a wide range of tools and techniques to compromise targets.
• Analyze and document findings, providing clear and actionable recommendations for remediation.
• Collaborate with security teams and stakeholders to enhance security posture and implement mitigation strategies.
• Stay up-to-date with the latest security trends, vulnerabilities, and attack techniques.
• Mentor and train junior security engineers, sharing knowledge and best practices.
• Assist in developing security policies, procedures, and guidelines to strengthen the organization's security framework.
• Participate in security research projects to discover new vulnerabilities and improve existing security tools.

Requirements:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
• Minimum of 5 years of experience in offensive security, ethical hacking, or penetration testing.
• Strong knowledge of network protocols, operating systems, and security architectures.
• Proficiency in using penetration testing tools such as Burp Suite, Kali, nmap, Wireshark, and Metasploit.
• Experience with scripting and programming languages (e.g., Python, Bash, PowerShell, Go, Javascript) to develop custom tools and exploits.
• Proficiency with AWS, modern web application and data pipelines (i.e., Node.js, python).
• Comprehensive understanding of the OWASP Top Tens (WebApp, LLM, CI/CD) and common weaknesses and vulnerabilities.
• Relevant certifications such as AWS Certifications (Solutions Architect, Security Speciality, etc.), GWAPT, OSWE, OSCP, OSCE, OSEP, OSEE, CCSAS, CCT INF, or relevant SANS courses (SEC540) are highly desirable.
• Excellent problem-solving skills and the ability to think like an attacker (i.e., active defender mindset).
• Strong written and verbal communication skills, with the ability to develop documentation and explain technical details in a concise manner.
• Proven ability to work independently and as part of a team in a fast-paced, dynamic environment.

Benefits:

• Join a mission-driven company focused on improving scientific communication and accelerating scientific discovery.
• Work collaboratively towards a shared vision with a community of loyal fans and users who love the product.
• Enjoy being part of a profitable and rapidly growing company with users in over 200 countries.
• Benefit from an inclusive hiring process and work environment that values diversity.
• Remote-first work environment with the flexibility to work from anywhere in the US or Canada.
• Backed by top investors, accelerators, and successful life science entrepreneurs and philanthropists.
• Commitment to building a warm, inclusive, and diverse environment for all employees.