Red Team Engineer/ Offensive Security Lead

2 hours, 28 minutes ago
Full-time
Senior
Cybersecurity
Authentic8

Authentic8

Authentic8 provides a secure and anonymous online investigation platform, Silo, that allows users to conduct investigations without revealing their identity or intent. With complete control over web browsing and third-party apps, Authentic8 ensures dat...

IT Services
51-250
Founded 2010

Description

  • Design, build, and operate an AI-augmented red teaming harness using frontier LLM APIs.
  • Implement a control loop architecture for autonomous and semi-autonomous vulnerability discovery.
  • Integrate the harness with SBOM tooling, CVE monitoring feeds, and CI/CD pipeline security tools.
  • Conduct adversarial testing across internal and external attack perspectives.
  • Chain findings to identify exploitable paths and corresponding vulnerabilities.
  • Validate and prioritize findings using CVSS, EPSS, and KEV context before handoff to patch management.
  • Support the development and day-to-day operation of the internal Bug Bounty Program.
  • Collaborate with engineering on custom mitigation decisions when vendor patches are unavailable.
  • Own security stage-gates within the CI/CD pipeline and integrate security findings into the build process.
  • Partner with DevSecOps, SOC, and security leadership on harness architecture, monitoring, prioritization, and reporting.

Requirements

  • 5+ years of experience in cybersecurity, penetration testing, or red team operations.
  • Demonstrated experience building tools, such as scripting exploits, automating workflows, or constructing test harnesses.
  • Python and/or Go experience strongly preferred.
  • Hands-on experience with LLM APIs in a security or agent context.
  • Understanding of tool use, control loops, and context management in agent architectures.
  • Proficiency with static and dynamic analysis (SAST/DAST) and ability to interpret and chain automated findings.
  • Working knowledge of CVE and vulnerability data sources, including NVD, EPSS, KEV, OSV.dev, and the GitHub Advisory Database.
  • Experience testing cloud-hosted SaaS platforms, with GCP familiarity preferred.
  • Familiarity with container security and Linux-based infrastructure.
  • Ability to work independently, manage scope, and deliver against milestones.
  • Excellent documentation and communication skills.
  • Must be a US citizen.
  • Experience with frontier AI model platforms in an agentic context strongly desired.
  • OSCP, GXPN, GPEN, or equivalent offensive security certification strongly desired.
  • Experience with SBOM tooling and software composition analysis strongly desired.
  • Familiarity with CI/CD pipeline security tooling such as Snyk and SonarQube strongly desired.
  • Experience with infrastructure-as-code or configuration management security, with Chef/InSpec as a plus, strongly desired.
  • Bug bounty program operations experience on platforms such as HackerOne or Bugcrowd strongly desired.

Benefits

  • Salary range of $150,000 to $175,000, depending on location, skills, experience, and education or training.
  • Medical, dental, and vision insurance.
  • Flexible PTO.
  • 401(k) program.
  • Stock options.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Security Consultant-Threat & Attack Simulation- Remote (Anywhere in the U.S.)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a Security Consultant to support its Threat & Attack Simulation practice by delivering client-facing offensive security assessments and helping evolve the team’s service offerings.

Active Directory AWS Azure Cybersecurity GCP Penetration Testing
1 hour, 43 minutes ago

Software Engineer - Security Test

PayJoy 1K-5K Banks

PayJoy is hiring a Software Engineer - Security Test to monitor Android attack tools and conduct security testing for its lock products and related OEM mobile devices.

Android
1 hour, 43 minutes ago

Security Sales Solutions Specialist

Cybit 51-250 Internet Software & Services

Cybit is hiring a remote UK-based Security Sales Solutions Specialist to drive cybersecurity revenue growth by developing and closing customer opportunities across managed security, cloud, and risk-focused solutions.

Cybersecurity Network Security SIEM SOC
1 hour, 58 minutes ago

Information Security Specialist

Vero HR 11-50 Professional Services

Information Security Specialist at a fast-growing consultancy supporting a diverse range of clients by reviewing security posture, guiding improvement initiatives, and delivering client security projects.

Cybersecurity HIPAA Penetration Testing
2 hours, 13 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers