Perplexity
Member of Technical Staff (Offensive Security Engineer)
Vaga remota de Security com fit claro de localização do candidato.
Publicada2 de abr. de 2026
Países elegíveis3 países aceitos
Sinal de senioridadeLead
Modelo de trabalhoRemoto
Locais aceitos para candidatos
SérviaReino UnidoEstados Unidos
Resumo da vaga
Member of Technical Staff (Offensive Security Engineer)
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
Details
- Plan and execute red team and purple team engagements simulating advanced threat actors across cloud infrastructure (AWS, Kubernetes), endpoints, and application surfaces
- Conduct continuous penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services
- Assess AI/ML-specific attack surfaces including prompt injection, model exfiltration, agent abuse, tool-use exploitation, and MCP security boundaries
- Develop and maintain custom offensive tooling, exploits, and automation to improve the efficiency and coverage of security testing
- Perform open-scope adversary simulations that test detection and response capabilities end to end, collaborating closely with the defensive security team
- Drive threat modeling sessions with engineering teams to identify and prioritize attack vectors in new features and architectures
- Deliver clear, actionable findings to both technical and executive audiences; partner with engineering to validate remediations
- Contribute to the security of CI/CD pipelines, supply chain integrity, and secrets management through offensive assessment
- Stay current on emerging attack techniques, vulnerability research, and adversary tradecraft; bring external perspective into Perplexity's security strategy
- 5+ years of hands-on experience in offensive security, red teaming, or penetration testing
- Deep technical expertise in at least two of: cloud security (AWS/GCP/Azure), web/API application security, Kubernetes and container security, macOS/Linux endpoint security, network penetration testing, or CI/CD pipeline security
- Track record of discovering impactful vulnerabilities or developing novel attack techniques in production environments
- Strong programming and scripting skills in Python, Go, or similar languages; comfortable writing custom tooling and exploits
- Experience with industry-standard offensive tools (Burp Suite, Cobalt Strike / Sliver / Mythic, Metasploit, BloodHound, nuclei, etc.) and ability to operate beyond them
- Excellent written and verbal communication; able to translate complex technical findings into clear risk narratives
- Experience assessing AI/ML systems, LLM applications, or agentic workflows for security vulnerabilities
- Bonus: Published security research, conference talks (DEF CON, Black Hat, BSides), CVE credits, or meaningful bug bounty contributions
Vagas similares
Mantenha uma lista reserva.
Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.