Senior Offensive Security Engineer
Lead red and purple team engagements to test Huntress' defenses against advanced adversaries. Perform penetration testing, social engineering, and collaborate with security teams to improve detection and response.
Responsibilities
- Plan, design, and execute red (and purple) team engagements to simulate advanced adversarial tactics and techniques
- Perform in-depth penetration tests on web applications, endpoint agents, internal systems, and people
- Utilize a mix of traditional scripting and generative AI platforms to rapidly prototype tools, replicate sophisticated cyber threats, and automate repetitive workflows during live engagements
- Conduct social engineering campaigns to evaluate human vulnerabilities
- Collaborate closely with the Security Operations Center and CSIRT teams to enhance detection and response capabilities
- Stay informed on emerging threats and update red teaming methodologies
- Partner with Product Security to prioritize testing efforts for new releases
- Analyze and exploit vulnerabilities through detailed operational logging, leveraging strong documentation and communication skills to translate complex technical findings into actionable remediation guidance
- Develop and deliver detailed technical and executive-level reports post-engagement
- Integrate red team tools, techniques, and processes into a broader security strategy
- Lead or participate in after-action reviews to identify lessons learned
- Assist in designing and implementing security controls based on red team findings
Requirements
- 3+ years of experience as an offensive security professional
- Documentation-first mindset
- Deep knowledge of adversarial tradecraft
- Expert knowledge of cloud computing platforms (AWS, Azure)
- Skills in scripting languages
- Experience communicating findings that inform defenses
- Pragmatic approach to problem solving
Nice-to-Haves
- Experience working in a primarily macOS environment
Compensation & Benefits
- $170,000 - $185,000 base salary plus bonus and equity
- 100% remote work environment
- Generous paid time off policy including vacation, sick time, and paid holidays
- 12 weeks of paid parental leave
- Comprehensive medical, dental, and vision benefits
- 401(k) with 5% contribution regardless of employee contribution
- Life and Disability insurance
- Stock options for all full-time employees
- $500 one-time home office reimbursement
- Annual education and professional development allowance
- $75/month digital reimbursement
- Access to BetterUp coaching platform
Senior Privacy Engineer
Lead privacy engineering projects protecting user data across search, browser, and AI features. Own major privacy components, participate in audits, and mentor engineers using Go, Node.js, Python, or Perl.
Product Security Engineer
Product Security Engineer embedding into engineering workflows to conduct architecture reviews, threat modeling, and penetration testing coordination while serving as GCP security SME. Requires 5-7 years experience and strong GCP and Python skills.
Senior Product Security Engineer II
Senior security engineer focused on offensive security testing, penetration testing, and scaling security practices across Instacart's product suite. Requires 7+ years in security engineering or pentesting with experience in mobile, cloud, or AI security.
Senior Security Engineer, GRC
Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.