Product Security Engineer
Origami Risk LLC
•Hybrid
About The Position
As an Offensive Product Security Engineer, you will play a critical role in safeguarding our products by identifying and mitigating security vulnerabilities. You will conduct comprehensive security assessments, including penetration testing, threat modeling, and code reviews, to ensure our products are resilient against potential attacks. Your expertise will help shape our security strategy, enhance our security posture, and protect our customers’ data.
Requirements
- Bachelor’s or master's degree in computer science, Information Security, or a related field.
- 4+ years of experience in information security with focus on application and cloud security.
- 2+ years of hands-on experience in offensive security, including exploit development, vulnerability research, and penetration testing.
- Strong knowledge of penetration testing methodologies and tools (e.g., Metasploit, Burp Suite, Nmap, MITRE).
- Proficient in performing adversary simulation attacks, red team experience.
- Proficient in active directory, OSINT, networking technologies.
- Proficiency in scripting and programming languages (e.g., Python, Java, C++).
- Familiarity with cloud security (e.g., AWS, Azure, GCP) and container security (e.g., Docker, Kubernetes).
Responsibilities
- Conduct advanced penetration testing and vulnerability assessments on our products and infrastructure.
- Develop and deploy realistic attacks to test security defenses.
- Develop and maintain security documentation, including policies, procedures, and guidelines.
- Carry out controlled attacks to evade detection, simulate real-world attacks to exploit potential weaknesses.
- Prepare and deliver technical reports to internal stakeholders.
- Perform vulnerability assessments, triage and provide prescriptive remediation for identified vulnerabilities.
- Assist in incident response and forensic analysis when security incidents occur.
- Collaborate with development teams to integrate security best practices into the software development lifecycle.
- Stay current on exploitation and post-exploitation techniques and incorporate them into the penetration testing.
- Other duties as assigned.
Benefits
- Competitive medical, dental, and vision benefits
- Wellness reimbursement
- Life insurance
- 401(k) with company match
- Vacation and sick leave benefits (under a flexible time off policy in most states)
- Medical and Dental coverage available for employees, dependents, domestic partners, and spouses
- Paid Time Off – Flexible options plus 10 paid company holidays where available
- Fully Paid by Origami Risk – Vision insurance, Short & Long-Term Disability Insurance, and Basic Life Insurance
- Generous family leave options—including adoption and foster care placements
- Pre-Tax Savings Accounts – Flexible Spending Account, Health Savings Account, Commuter Benefits, Dependent Care Savings Account
- Retirement Savings – 401(k) with company match up to 4%
- Employee Assistance Program (EAP) – Confidential & Free support offered to colleagues facing personal or work-related complications
- Education Assistance Program – to help colleagues pursue industry/role-specific certifications
- Wellness Benefits – reimbursement program to invest in healthy habits as well as support better colleague productivity and stress management
- Additional coverages available – Pet Insurance, Critical Illness Insurance, and Voluntary Life & AD&D coverage
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
