Senior Offensive Security Engineer

Remote $112k–$188k senior 2 months ago full-time quality 8.6/10
Security ResearchRed TeamCI/CDAWS CloudApplication SecurityThreat IntelligenceCode ReviewsProduct SecurityKubernetesGo DevelopmentIncident InvestigationPurple Team
  • Manage our bug bounty program, reviewing reports, engaging with researchers and cooperating with software engineering to fix bugs
  • Reviewing the outcomes of external penetration tests, replicating issues and again, working with engineering to fix findings
  • Conducting internal penetration tests on our software and infrastructure stack
  • Red and purple team exercises to test our monitoring
  • Security research & threat Intelligence, working with security response
  • Application security & code reviews, internal training of engineers
  • Being part of incidents to help triage and investigate issues
  • 5+ Years in Information Security.
  • Proven expertise in offensive security either through certifications, recognition, or referees.
  • Strong communication skills and work ethic: contribute actively to the company and become ‘known’
  • Candidates with less experience will be considered for an Offensive Security Engineer position.
  • Work from home to help you find the perfect balance between work, family and personal life
  • 25 days of annual leave, on top of public holidays, as well as maternity, paternity and childcare leave… etc to accommodate your growing responsibilities
  • A top tier & comprehensive medical, dental and vision policy for you and your dependents
  • Professional development allowance to support your career advancement
  • Access to our annual wellness benefits to cultivate your physical and mental growth
  • Remote Working policy, where you get to work away from your home country
  • Team building & offsite events to bring our global team closer
  • Life insurance coverage to provide a safety net for your family’s future

Similar jobs

Before you apply

  • Legitimate employers never ask you to pay anything to apply or get hired.
  • Never share seed phrases or private keys. No real job needs them.
  • Do not install software ("test tasks", "trading tools", "video call clients") sent during hiring.
  • Check that the application page's domain really belongs to Bitmex.