Expert Security Engineer - Offensive Security

Finastra

Multiple Locations

#10432

Position summary

ire technology stack.
Drive detection engineering partnerships: collaborate with detection engineers through purple team exercises, attack simulations, and threat emulation to improve detection coverage.
Develop custom tools and frameworks: build and maintain security testing tools, frameworks, and automation scripts that enable repeatable testing and quantifiable security improvements.
Build security metrics: design and implement frameworks to measure security control effectiveness, detection coverage, and improvement over time through consistent testing methodologies.
Research and innovate: stay current with the latest attack techniques, tools, and methodologies while building out both offensive and defensive security improvements.
Mentor and collaborate: share knowledge across security teams and foster a culture of continuous security improvement.

Required Experience:

5+ years: professional experience in offensive security, with demonstrated experience in red team and purple team exercises, penetration testing, and detection engineering teamwork.
Development experience: proficiency in Python or another programming language for building security tooling and automation.
Security assessment expertise: performing full-stack security assessments of web and mobile applications, APIs, on-prem and cloud infrastructure, and backend systems.
Deep understanding: common attack techniques; exploit development; post-exploitation methodologies; security assessment frameworks (MITRE ATT&CK, PTES); and modern detection stack components (EDR, SIEM, XDR).
Knowledge: networking, operating systems, security protocols, and security concepts including reverse engineering, cloud security (AWS/Azure), container security, CI/CD pipeline security, API security, and security metrics development.
Certifications: such as OSCP, OSCE, GXPN, or equivalent practical experience.
Interpersonal skills: strong analytical and problem-solving abilities; excellent technical writing for detailed reports; ability to clearly communicate complex technical concepts; self-motivated with a passion for offensive security and detection engineering.