Skip to content
ChimeChimeSan Francisco, CA

Senior Offensive Security Engineer

Leads offensive security program by conducting red team exercises, developing custom exploits, and emulating adversaries to identify weaknesses in web apps, cloud platforms, and Kubernetes infrastructure. Requires 4+ years in offensive security or red teaming with strong cloud attack experience.

181k – 250k/yr
Hybrid4+ YOESecurity Engineering

About the role

Responsibilities

  • Independently manage complete red team exercises.
  • Partner with Engineering, Product, IT, and other business functions to drive security improvement across the organization.
  • Research emerging attack vectors, vulnerabilities and techniques.
  • Utilize offensive skills to identify weaknesses and build defenses against those who may point their attacks at Chime.
  • Develop custom payloads and exploits.
  • Emulate adversaries like cybercriminals and insider threats by attacking web applications, cloud platforms and supporting services (Kubernetes / Container Orchestration platforms etc.).
  • Collaborate closely with detection engineers to build high fidelity alerting based on emerging attack vectors and tactics, techniques and procedures.
  • Participate in purple-team exercises to mature the security program.

Requirements

  • 4+ years of combined experience in either an offensive security, red teaming, or application security role.
  • Experience in conducting surreptitious cloud based attacks.
  • Experience with developing custom tools and payloads which bypass defensive products, and remain undetected in a mature network environment.
  • Ability to perform unsupervised red team engagements and experience with performing adversarial simulation.
  • Ability to explain vulnerabilities and weaknesses to non-technical stakeholders.

Nice to Haves

  • Relevant certifications: OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Expert) and OSEE (Offensive Security Exploitation Expert), Certified Red Team Operator (CRTO), GIAC Red Team Professional certification (GRTP).

Compensation

  • Base salary: $181,000 - $250,000.
  • Full-time employees eligible for bonus, competitive equity package, and benefits.

Skills

Red TeamingOffensive SecurityCloud AttacksKubernetesCustom ExploitsAdversarial SimulationPurple TeamingWeb Application SecurityPayload DevelopmentVulnerability Research
Postman

Senior GRC Engineer

PostmanSan Francisco, CA

Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.

180k – 200k/yr
On-site6+ YOESecurity Engineering
Monarch

Senior Application Security Engineer

MonarchUnited States

Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.

180k – 215k/yr
Remote5+ YOESecurity Engineering
Temporal

Senior Security Engineer, GRC

TemporalUnited States

Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.

180k – 225k/yr
Remote8+ YOESecurity Engineering
Kaizen Labs

Senior Security Engineer

Kaizen LabsNew York, NY

Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.

180k – 220k/yr
Hybrid5+ YOESecurity Engineering
Lumin Digital

Manager, Network Security

Lumin DigitalUnited States

Lead and build a new network security function at a fintech company, managing a team of engineers, setting technical direction for cloud-native network security architecture, and establishing automated, identity-aware security controls across cloud, SD-WAN, and ZTNA environments.

180k – 200k/yr
Remote7+ YOESecurity Engineering