Senior Security Engineer
Remote job description
We are AttackIQ and we are engineering a disruptive security product that delivers continuous validation of your enterprise security program so you can find the gaps, strengthen your security posture and exercise your incident response capabilities.
We work with top companies around the world which surely you use their products or services on a daily basis. We give an answer to their needs by helping them validate their cybersecurity-related assumptions.
How Do We Do It?
At the core of our values at AttackIQ is the ability to challenge ideas and engage in thoughtful discourse. We've created an environment where every employee is well respected and where anyone can be respectfully challenged regardless of their position.
Our work environment is joyful while holding ourselves to high standards. We like to be surrounded by amazing peers from whom we can learn from. We like to joke, we like to learn, we take ownership and we take pride in our work. We also like to play ping pong!
These are the values by which we live:
We are the sum of the contributions of all of our employees. We play to win and openly discuss options when our goals compete. We unite to deliver results for our company and customers.
- Impress Every Customer
- Put the customer at the center of everything we do. Surpass expectations, every time.
- Do the Right Thing
- What do you do when no one else is looking? We act with integrity and honesty and focus on putting ourselves in the shoes of others.
- We never give up seeking creative ways to solve problems.
- Operate with Transparency
- We share information. Share mistakes. Share victories.
- People First
We empower our employees to work in an environment that is conducive to creating the optimal work/life balance. In addition, every one of us is dependent on one another, with our time, with our knowledge, with our craft. It's the heart of who we are as an organization.
Who Are You?
You are a passionate person. You are not only a dedicated individual contributor but also a team player. You demonstrate a genuine interest in understanding why you are working on something and you are able to respectfully challenge any decision in pursuit of a solution to engineering and customer problems.
You don't feel comfortable working as if in a supply chain and you are eager to get involved in anything that could tangentially impact your work.
You are used to getting things done and you are confident about your skills but still humble and able to accept criticism and follow guidelines.
As a security engineer at AttackIQ one of your responsibilities will be to carry out threat research in order to understand current threats and influence the engineering and product roadmap of the AttackIQ's Platform.
You will need to have a deep understanding of the problems that AttackIQ customers face when trying to improve their security posture and help them to do so using our platform.
This means that you will also need to meet with highly technical security engineers working for top-tier companies in order to understand how to better help them achieve their goals. This is a great opportunity to get exposure to how companies around the world build their security programs and what challenges they face.
You will need to understand the threat model of our product and improve our SDLC as well as other areas of our internal security posture.
- Proficient communication skills
- Proficient English communication skills
- +5 years of red teaming experience in corporate environments
- Real world experience building and operating red teaming infrastructure & tools
- Deep understanding of frameworks such as cobalt strike, msf, etc
- Extensive experience developing software (focus on python, or powershell, or C#, or Go)
- Knowledge on how to troubleshoot in Windows (Windows Event Log, Registry, Procmon, Process Explorer, WinDBG,
- Wireshark, etc) and Unix (ps, lsof, strace, ltrace, GDB, tcpdump, etc)
- Real world experience with EDRs (Crowdstrike, MS ATP, SentinelOne, etc) and/or NGFW (Palo Alto, Checkpoint, etc) and/or SIEMs (Splunk, QRadar, etc)
- Understanding and experience in the BAS industry
- Experience with cloud security controls (GuardDuty, CloudTrail, Azure Defender, etc)
- Understanding and operationalization of the MITRE ATT&CK framework in corporate environments
- Ideally, you have presented your work at either national or international conferences.
- Ideally, you have created or contribute to open source cybersecurity projects.
How to Apply
Send an email to email@example.com with Subject Line: "Senior Security Engineer"
Note to all recruitment agencies
AttackIQ does not accept agency resumes without a signed agreement. Please do not forward resumes to our jobs alias, our employees, or any other company location. AttackIQ is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with us.
At AttackIQ we value diversity and are proud to be an equal opportunity employer.
Company name: AttackIQ
Remote job title: Senior Security Engineer