Senior Offensive Security Engineer

About The Position

Requirements

• 5 years of experience in cybersecurity, with a focus on penetration testing and vulnerability assessment.
• Experience in managing Responsible Disclosure Program (VDP) and Bugbounty programs.
• CEH, Offensive Security Certified Professional (OSCP), or other relevant certifications.
• Strong understanding of networking protocols, operating systems, and web applications.
• Proficiency in using penetration testing tools such as Metasploit, Nmap, Burp Suite, etc.
• Knowledge of common cybersecurity threats and attack vectors.
• Excellent analytical and problem-solving skills.
• Effective communication skills for writing detailed reports and presenting findings to stakeholders.

Responsibilities

• Evaluate the security of applications, networks, and systems by simulating cyberattacks.
• Conduct comprehensive security assessments, identify vulnerabilities, and provide recommendations for remediation.
• Define clear policies and procedures for the responsible disclosure process.
• Establish and maintain communication channels with the security research community.
• Receive and triage vulnerability reports submitted by external researchers.
• Collaborate with internal security teams to assess the severity and impact of reported vulnerabilities.
• Facilitate communication and collaboration between researchers and relevant stakeholders.
• Track the progress of vulnerability remediation efforts.
• Maintain detailed records of vulnerability reports, assessments, and resolutions.
• Develop and maintain metrics to measure the effectiveness of the responsible disclosure program.
• Monitor industry best practices and emerging trends in responsible disclosure and vulnerability management.
• Perform penetration tests and vulnerability assessments using various tools and techniques.
• Stay abreast of the latest security threats, trends, and technologies.