Principal Offensive Security Engineer

Palo Alto Networks
Office - USA - CA - Headquarters, CA
$167,600 - $271,150
Onsite

About The Position

The Offensive Security team is seeking a Principal Offensive Security Engineer to support the team responsible for testing the security of all the products and services that make up the Palo Alto Networks portfolio. This requires choreographing a routine of on-demand and continuous penetration testing engagements involving multiple, trusted third-party partners. We further supplement this with in-house penetration testing and red team operations to ensure the requisite breadth and depth of coverage across the attack surface. The successful candidate will thrive in a fast-paced environment where energy, drive, and a collaborative approach are key to success. The role also calls for a passion for adversary tradecraft: not just finding vulnerabilities, but proving whether we'd detect and stop a real attacker.

Requirements

  • 8+ years of professional experience in Offensive Security, Red Teaming, or Penetration Testing.
  • Deep technical mastery of at least one major cloud provider (GCP, AWS, or Azure), including identity management and network security controls.
  • Experience with multi-tenant SaaS/PaaS isolation testing and authorization-boundary segmentation validation.
  • Proven expertise in Kubernetes and Container Security, with the ability to identify flaws in orchestration and runtime environments.
  • Strong experience auditing Infrastructure as Code (IaC) and CI/CD pipelines for security misconfigurations.
  • Hands-on experience leading pentesting and assumed-breach operations: post-exploitation, lateral movement, Active Directory and cloud IdP attack paths, C2 infrastructure, and EDR/XDR evasion.
  • Solid understanding of networking protocols, authentication frameworks (LDAP/AD, OAuth, SAML), and modern application security.
  • Experience operating within high-compliance or highly regulated environments (e.g., FedRAMP, IL5, SOC2).
  • Working knowledge of MITRE ATT&CK for operation planning and reporting.
  • Ability to think creatively and work independently to solve complex security problems in a fast-paced environment.
  • Strong written and verbal communication skills, with the ability to influence security outcomes across different business units.

Responsibilities

  • Conduct comprehensive penetration tests across a diverse portfolio of cloud-native applications, large-scale infrastructure, and complex network architectures, covering all FedRAMP-mandated attack vectors.
  • Execute multi-tenant isolation testing and segmentation validation.
  • Identify, exploit, and document vulnerabilities in cloud services, container orchestration platforms, and automated deployment pipelines.
  • Plan and lead assumed-breach, objective-based red team operations against systems — including lateral movement, privilege escalation, and persistence — to test the effectiveness of defensive controls, monitoring, and alerting systems.
  • Provide expert-level security guidance to SRE and Engineering teams during remediation planning and secure architectural design.
  • Lead the security assessment of internal tooling, identity management systems, and third-party integrations.
  • Research and develop custom tooling or scripts to automate testing and improve the efficiency of offensive engagements.
  • Translate complex technical findings into high-impact reports and presentations for both technical stakeholders and executive leadership.
  • Mentor junior team members and act as a subject matter expert on emerging threats and exploitation trends.

Benefits

  • bonus
  • restricted stock units