Job Specifications
We are seeking a skilled Security Engineer who has touched a little bit of everything but with a strong offensive security focus to join a growing security team. This role is ideal for someone who thrives in hands-on technical work, understands attacker mindset deeply, and enjoys shifting between offensive assessments, detection engineering, and core infrastructure hardening.
This is a high-impact role where you’ll contribute across cloud, endpoint, identity, and application layers—supporting both proactive and reactive security engineering efforts with a “builder who can break things” mentality.
Compensation: $120–140k base + bonus + equity.
Logistics: Remote within the US.
Here's what you'll be doing:
Perform offensive security testing across cloud, infrastructure, identity, and application environments (adversary simulation, exploit pathing, misconfiguration discovery).
Build and refine detections based on real attacker behavior, leveraging threat emulation and detection-as-code patterns.
Engineer security controls and hardening across IAM, endpoint, network, and cloud ecosystems.
Develop Python/PowerShell tooling to support offensive workflows, automation, and testing harnesses.
Conduct threat modeling and attack path analysis, then work directly with engineering partners to validate and remediate risks.
Support improvements in logging, telemetry, and alerting pipelines to strengthen coverage and detection fidelity.
Maintain a lab environment for experimentation with exploits, malware behavior, cloud attack patterns, and emerging TTPs.
Collaborate with cross-functional teams to improve the overall security posture and guide secure design decisions.
And what you need to have:
4+ years in security engineering, offensive security, red teaming, threat hunting, or similar hybrid security roles.
Hands-on experience with attacker TTPs (MITRE ATT&CK, privilege escalation, lateral movement, cloud attack vectors).
Strong scripting ability with Python, PowerShell, or Bash for tooling, automation, or exploit proof-of-concepts.
Experience assessing or securing at least one major cloud provider (AWS, Azure, GCP), including discovering and validating misconfigurations.
Familiarity with SIEM, vulnerability management, IAM fundamentals, endpoint detection technologies, logging/alerting pipelines, etc.
Ability to translate offensive findings into actionable defensive engineering improvements.
Curiosity-driven mindset: homelabs, side projects, CTFs, fuzzing, exploit tinkering, research, or open-source contributions.
Strong communication skills with the ability to work across engineering, infrastructure, and leadership stakeholders.
No CTC or sponsorship at this time.