LiveRamp · 20 hours ago
Offensive Security Engineer
New York
Full-time
Onsite
Senior Level
$132K/yr - $203K/yr
5+ years expLiveRamp is the data collaboration platform of choice for the world’s most innovative companies. The Offensive Security Engineer is responsible for proactively identifying and remediating security weaknesses across the company’s SaaS platform, collaborating with various teams to enhance security measures and participate in security initiatives.
AdvertisingAdvertising PlatformsAnalyticsBrand MarketingData Integration
Responsibilities
Perform authorized application security pentest on web apps, APIs, cloud infrastructure, and microservices
Identify common classes of vulnerabilities (e.g., authentication/authorization weaknesses, logic flaws, input validation issues)
Validate findings and provide actionable guidance to engineering teams
Conduct and contribute to threat modeling and design reviews
Maintain the internal pentest framework and update it based on industry standards where applicable
Work with Cloud/DevOps engineers to secure CI/CD pipelines
Work with containerized workloads and serverless components
Obtain a strong understanding of the company’s products and architecture to discover high-impact weaknesses
Research emerging attacks/exploits and techniques relevant to multi-cloud, SaaS, or microservice architectures
Scope and engineer red team exercises with defined flags, goals, and safety boundaries
Partner with defensive teams during purple team engagements to improve detection and response
Provide engineering teams with reproduction steps, risk context, and prescriptive remediation options (i.e., remediation written from a developer's point of view (POV))
Participate in security design discussions and architecture reviews
Assist in automation of safe, controlled security testing (e.g., integrating SAST/DAST tooling, security checks within CI/CD)
Develop scripts or utilities to support secure testing workflows (not exploit tools)
Implement and test emergent exploit tooling to support ongoing changes in the threat landscape
Maintain documentation for vulnerability assessments/pentest, retesting, and mitigation tracking in ITSM tooling
Support SOC 2, ISO 27001, and customer security questionnaires by providing validated security test evidence and providing technical POV’s when necessary
Qualification
Required
Bachelor's degree in Cyber Security, Computer or Software Engineering, Computer Science, Security Engineering, Information Management, Information Science, or a related technical field preferred OR equivalent experience
One or more of the following certifications - Offensive Security Certification: OSCP, OSEP, or OSWE
Global Information Assurance Certification (GIAC): GXPN
Preferred
5-10+ years of Offensive Security and Cloud Security experience
Demonstrated experience conducting network, web application, API, and cloud penetration tests across complex enterprise environments
Expert knowledge of OWASP Top 10 (including API)
Experience with OWASP Top 10 (LLM)
Experience in Cloud Vulnerability management, configuration, and validation using various tools across multi-cloud environments
Cloud-related certification in either AWS or GCP
Proficiency using both the AWS Management Console and the AWS Command Line Interface (CLI)
Experience mentoring junior personnel in offensive security practices
Expert with offensive security and vulnerability scanning tools and reporting
Expert with vulnerability management scoring methodologies
Strong hands-on expertise in developing proof-of-concept (PoC) exploits to validate real-world impact of discovered vulnerabilities
Expert knowledge of offensive security tools and frameworks (e.g., Burp Suite, ASVS, SANs top 25, Metasploit, BloodHound)
Proficiency in manual exploitation techniques, including authentication bypasses, privilege escalation, and lateral movement
Experience assessing and exploiting modern cloud and containerized environments (e.g., AWS, Azure, GCP, Kubernetes)
Solid understanding of secure coding flaws and vulnerability types (OWASP Top 10, business logic flaws, memory corruption)
Ability to write custom scripts or tooling in languages such as Python, Bash, or Go to support testing and exploitation
Subject Matter Specialist or Expert at validating detection and response capabilities through adversary emulation or purple team exercises
Proven ability to produce clear, actionable reports that translate technical findings for engineering teams, and into business risk and remediation guidance
Benefits
Work with talented, collaborative, and friendly people who love what they do.
We host in-person and virtual events such as game nights, happy hours, camping trips, and sports leagues.
Flexible paid time off, paid holidays, options for working from home, and paid parental leave.
LiveRamp offers a comprehensive benefits package designed to help you be your best self in your personal and professional lives. Our benefits package offers medical, dental, vision, life and disability, an employee assistance program, voluntary benefits as well as perks programs for your healthy lifestyle, career growth and more.
Our 401K matching plan—1:1 match up to 6% of salary—helps you plan ahead.
Employee Stock Purchase Plan - 15% discount off purchase price of LiveRamp stock (U.S. LiveRampers)
A comprehensive office equipment and ergonomics program—we provide you with equipment and tools to be your most productive self, no matter where you're located
Company
LiveRamp
LiveRamp aspires to make it safe and easy for companies to use data effectively.
1001-5000 employees
H1B Sponsorship
LiveRamp has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (48)
2024 (51)
2023 (17)
2022 (53)
2021 (39)
2020 (17)
Funding
Current Stage
Public CompanyTotal Funding
$16M2018-10-29IPO
2013-04-01Series C
2011-09-06Series Unknown· $1M
Leadership Team
Scott Howe
Chief Executive Officer
Burak Emre Kabakçı
Sr. Staff Software Engineer
Recent News
Marketing Dive
2026-01-16
2026-01-13
2026-01-06
Company data provided by crunchbase