Principal Penetration Testing Engineer

AXS-posted 1 day ago
Full-time • Principal
Los Angeles, CA
501-1,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

AXS is seeking a Principal Penetration Testing Engineer to join our offensive security program and active adversary intervention capabilities. This is not a standard penetration testing role—you'll architect and execute sophisticated adversary emulation campaigns, hunt live threats in production environments, and bridge the gap between offensive and defensive security through purple team operations. In this role, you'll think simultaneously as attacker and defender, leading engagements that test not just our technical controls but our people, processes, and detection capabilities. You'll work directly with incident response teams during active breaches, applying offensive tradecraft to reconstruct attack paths, predict adversary next moves, and validate remediation effectiveness. You'll also help shape our security strategy at the highest levels, presenting to executive leadership and driving organization-wide security initiatives. You will work on consumer-facing and B2B applications that can scale and handle high demand, as well as complex enterprise systems that meet our global needs.

  • Security Operations & Tooling - Planning, Creation and Refinement Design complex red team operations spanning weeks or months, operating covertly to test detection and response capabilities across the entire kill chain.
  • Build and maintain sophisticated C2 infrastructure with multi-layer redirectors, domain fronting, and encrypted covert channels
  • Create comprehensive adversary emulation playbooks that defensive teams can use for tabletop exercises and detection validation
  • Develop custom tooling, exploits, and evasion techniques to bypass modern security controls (EDR, SIEM, DLP, next-gen firewalls)
  • Develop and refine detection engineering rules based on offensive TTPs, ensuring blue teams can identify sophisticated adversary behavior
  • Facilitation and Execution Facilitate purple team exercises bringing red and blue teams together for collaborative security validation and continuous improvement: Lead adversary emulation campaigns based on real threat actor TTPs, mapping all activities to MITRE ATT&CK and ensuring realistic simulation of APT groups targeting our industry
  • Security Operations Threat Hunting Conduct proactive threat hunting campaigns leveraging hypothesis-driven investigation, behavioral analytics, and threat intelligence
  • Conduct zero-day research and vulnerability discovery through fuzzing, patch analysis, and novel attack surface exploration
  • Test detection capabilities against realistic attack scenarios, identifying blind spots and tuning security controls for higher fidelity
  • Cyber Incident Response Provide expert advice on eviction operations, coordinating simultaneous remediation across compromised systems while preventing adversary reinfection
  • Engage live adversaries in controlled scenarios to gather intelligence, understand objectives, and develop containment strategies
  • Serve as cyber security subject matter expert during active security incidents, applying offensive expertise to threat hunting, attack path reconstruction, and adversary prediction
  • BS in Computer Science or 10 years full-time experience in a computer science role in lieu of a degree.
  • 15+ years in information security with at least 5 years in offensive security roles (red team, penetration testing, exploit development)
  • 5+ years in incident response, threat hunting, or defensive security operations demonstrating deep understanding of detection and defensive capabilities
  • Proven track record leading complex red team engagements against Fortune 500 or similarly complex enterprise environments
  • Experience serving as technical subject matter expert or incident manager during active security incidents involving sophisticated adversaries
  • Demonstrated expertise conducting adversary emulation campaigns
  • Background in security research with published CVEs, conference talks (DEFCON, Black Hat, BSides), or security tool contributions (public or private)
  • Experience with Git and CI/CD Security Practices
  • Experience with event-driven technologies, e.g. Kafka
  • Experience using NOSQL databases such as Elasticsearch or AWS DynamoDB
  • Experience in the ticketing industry, inventory management systems or e-commerce
  • medical, dental and vision insurance
  • paid holidays, vacation and sick time
  • company paid basic life insurance
  • voluntary life insurance
  • parental leave
  • 401k Plan (with a current employer match of 3%)
  • flexible spending and health savings account options
  • wellness offerings
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Principal Engineer Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service