Senior Offensive Security Engineer

Posted:
10/17/2024, 9:16:40 PM

Experience Level(s):
Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Remote

Job Description

Where you’ll work: Anywhere within Hungary 

Offensive Security at GoTo 

The Offensive Security team conducts various security assessments in a variety of domains; Physical, Cyber, Social Engineering, Insider Threat, and Purple Teaming. Techniques and tradecraft used during engagements include commercial, open source, and custom tooling. Offensive Security Engineers also provide insight to various teams about an attacker's mindset and potential threat during active or potential security incidents. The Offensive Security Engineer will take on a wide range of work that requires ingenuity and at times little to no documentation or formal method to learn a topic. Offensive Security Engineers must be able to learn multiple ways to breach a target and subvert defensive controls.

Your Day to Day 

As an Offensive Security Engineer, your day to day would look like,

  • Conduct proactive security assessments to identify vulnerabilities.
  • Perform adversarial simulations to test defense mechanisms.
  • Developing and implementing strategies to defend against various attack vectors commonly used by skilled or sponsored adversaries.
  • Collaborating with other teams, such as IT and development, to remediate security issues and improve overall security posture.
  • Researching and staying up-to-date on emerging threats and security technologies to continuously improve defensive measures.
  • Documenting security processes, findings, and recommendations for management and stakeholders
  • Continuously evaluating and refining offensive security tactics and techniques to ensure they remain effective in the evolving threat landscape.

What We’re Looking For 

As an Offensive Security Engineer, your background will look like: 

  • 3-5 years of experience in a relevant field, at least 1 year working as a penetration tester
  • Strong knowledge of Active Directory (and Azure AD), how to abuse it, how to protect it.
  • Strong scripting abilities using PowerShell, Python, Ruby, and/or programming with compiled languages (C/C++, Golang, etc.).
  • Experience in setting up testing scenarios from an adversarial perspective or performing reconnaissance on a company in order to test cyber defense and detection.
  • Experience with building, deploying, and managing offensive security operational infrastructure.
  • Hands on experience with managing infrastructure and services within Azure, AWS and GCP also preferred.
  • Ability to create and/or customize exploits in order to penetrate a network.
  • Experience of exploiting vulnerabilities in Linux, Windows, and Mac devices.

What GoTo offers: 

  • Full remote work option within Hungary and on-demand seat in our Budapest Astoria office 
  • Volunteering days, parental, and pet leave 
  • Private health insurance, life insurance and eye care 
  • Adoption, Tuition and Reading Reimbursement, English Course 
  • Employee Resource Groups and GoTo Gives (our corporate social responsibility program – a fun, and inclusive community) 

At GoTo, diversity and inclusion are key to creating a thriving and dynamic work environment. Our team of GoGetters is driven to learn, explore, connect, and collaborate, valuing the unique perspectives that everyone brings to the table. We take pride in providing our employees with comprehensive benefits, wellness programs, recognition, and opportunities for learning and development worldwide. Our commitment to creating an inclusive space for everyone, regardless of gender, identity, or background, ensures that all team members can contribute to our success and thrive personally and professionally.  

Learn more