Principal Offensive Security Engineer (macOS)

SpecterOps is seeking a principal offensive security engineer to support adversary simulation and detection engagements, perform security research, develop offensive tooling, and provide security-related training for the macOS platform. The successful candidate will serve as an internal subject matter expert for the macOS platform and must have excellent technical skills, impeccable soft skills, and be a well-organized, self-directed individual. The position is remote, based in the U.S., with optional travel for company events and meetings.

Serve as a subject matter expert (SME) for offensive macOS operations and related technical capability development

Contribute to the development of macOS based agents for the Mythic C2 framework

Contribute new or improve existing content for SpecterOps training courses and assist in the delivery of course offerings (e.g., primary instruction and student support)

Serve as a primary instructor for the SpecterOps Adversary Tactics: Mac Tradecraft course at private and public offerings (including at BlackHat USA)

Conduct security related research into the macOS platform

Publish security related content for the macOS platform (e.g., blogs, webinars, white papers, conference talks)

Plan and conduct offensive engagements ranging in size, scope, focus, and approach

Effectively communicate findings, attack paths, and recommendations, and strategy to technical and executive client stakeholders through written reports and verbal presentations

Build scripts, tools, or methodologies to enhance offensive services

Utilize common offensive security testing tools and tradecraft

Stay up to date with cutting-edge adversary tradecraft and vulnerabilities

Effectively communicate successes and obstacles with fellow team members and team lead(s)

Interface with client contact(s) and staff in a constructive and professional manner

Participate in engagements from kickoff through remediation, and mentoring less experienced team members in relevant macOS tradecraft

Train team members in adversary Tactics, Techniques, and Procedures (TTPs) and tools

• A minimum of 5 years experience in offensive security
• Strong knowledge of the macOS operating system internals and current security challenges
• Proficient with Objective-C or Swift
• Familiarity with ARM (M1/2)-based macOS machines
• Experience with XPC, TCC, and the hardened runtime on macOS
• Experience with post-exploitation frameworks such as Mythic, Cobalt Strike, Metasploit, Sliver, or Covenant
• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy
• Strong written/verbal communication and interpersonal skills
• Willingness to develop and deliver training content as a lead course instructor
• Willingness to mentor and train fellow consultants
• Willingness to support delivery of public and private training offerings (e.g., providing lab support, fielding student questions, etc)
• Ability to travel domestically and internationally an average of 25% over the course of one year
• Must be able to pass a criminal background check

• Health/Dental/Vision: 100% covered for employee and family
• Life insurance: 100% covered
• 401(k): up to 4% match
• Equity and a potential bonus based on company performance
• Flexible paid leave
• Flexible work schedule
• Open intellectual property policies; allow researchers to retain rights over open sourced research and tools
• $225 monthly internet and cell phone stipend
• $1,000 annual technology/work from home budget
• $5,000 annual training/conference budget
• In person and virtual employee events throughout the year
• Company swag