Be an early applicantLess than 25 applicants

Company

Praetorian · 3 hours ago

Lead Offensive Security Engineer (Cloud Security)

United States

Full-time

Remote

Senior Level

$135K/yr - $200K/yr

5+ years exp

Maximize your interview chances

Cloud SecurityCyber Security

Growth Opportunities

No H1B

Hiring Manager

Mandee (Blackwell) Provazek

Insider Connection @Praetorian

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Lead the technical execution of challenging offensive security projects focused on Cloud Security for our customers

Identify nuanced vulnerabilities in cloud environments

Develop custom methodologies, payloads, exploits, and tools to ensure project success

Develop documentation for novel mitigation strategies to emerging or undocumented security risks identified in client environments

Develop comprehensive reports and presentations for our customers

Serve as a mentor to other engineers in their technical and professional development

Collaborate with the security community to develop novel attack techniques, tactics, and procedures (TTPs) through Praetorian’s Security Blog and other forms of community engagements) through Praetorian’s Security Blog and other forms of community engagement

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Offensive SecurityCloud SecurityAWSAzureGCPProduct Security TestingNetwork Security TestingWeb Application Penetration TestingIoT SecuritySecure Code ReviewReverse EngineeringVulnerability ResearchExploit DevelopmentContainer OrchestrationKubernetesOSCP CertificationThreat ModelsAWS Security SpecialtyAzure Security AZ-500GCP Pro SecurityGCP Pro DevOpsAzure AZ-400AWS DevOps ProCKA CertificationCKS CertificationOSCE CertificationOSEE CertificationOSWE CertificationTechnical Reports

Required

Demonstrated passion for offensive security and adversarial engineering

BS in Computer Science, Engineering, Mathematics, or Physics or equivalent experience

5+ years of Cloud Security experience in AWS, Azure and/or GCP

Additional experience in at least 3 of the following: Product Security Testing (Application, Mobile, LLM), Network Security Testing and/or Red Team, Web Application Penetration Testing, IoT Security (Embedded, Firmware, Wireless), Secure Code Review, Reverse Engineering, Vulnerability Research/ Exploit Development

Understanding of threat models, attack paths and intelligence considerations within the scoping of technical projects

Ability to write technical reports and present technical findings both internally and externally

Experience with startup and/or high-tech companies

Familiarity with container orchestration technologies such as Kubernetes

OSCP, AWS Security Specialty, Azure Security AZ-500, GCP Pro Security, GCP Pro DevOps, Azure AZ-400, AWS DevOps Pro, CKA, CKS OSCE, OSEE, or OSWE certifications

Preferred

Prior security consulting experience

Software or web application development experience in multiple languages

Experience with cutting edge technology stacks and modern security technologies

Advanced technical knowledge in any of the following: Exploit development beyond Windows and for MacOS X or Linux, Reverse engineering malware, data obfuscators, or ciphers, Software maturity models such as OpenSAMM, BSIMM, and SDL, Identity technologies for Azure AD, Auth0, Firebase, OKTA, or Google Identity, Secrets management such as Hashicorp Vault and cloud native KMSs, Containerization technologies such as Docker and registry platforms such as DockerHub, ACR, ECR, & GCR, Orchestration technologies such as Kubernetes and cluster management platforms such as AKS, EKS, & GKE, Command and control channel frameworks and deployment, Automotive security, ICS/SCADA, Network device security, Medical device security, Home automation security, and/or cryptocurrency wallet security, Hardware RE, software RE, firmware analysis, embedded cryptography, wireless protocols, Software-defined radio, glitching, side-channel analysis, and/or IoT PaaS and similar technologies

Capture-the-flag, CCDC, CPTC or other security related competitions

Ranked achievements on testing platforms such as Hack the Box, Tryhackme, Portswigger, Proving Ground and similar

Pursuit of advanced learning opportunities via security training courses, conferences, personal projects and similar

Track record in vulnerability research and CVE assignments

Security community experience via presentations, conference attendance, blogs, white papers and similar

OSCE, OSEP, OSED, CRTO, cloud certifications and similar

Benefits

Equity Incentive Plan, offering ownership stakes in the company

Continuous learning opportunities through our internal Learning & Development (L&D) program, including training, certifications, and conferences to support your career growth

Recognition and rewards for speaking engagements at industry events and conferences

Comprehensive health and dental insurance coverage

Immediate 401(k) matching

Paid maternity and paternity leave