Posted:
2/8/2025, 4:00:00 PM
Location(s):
California, United States ⋅ Palo Alto, California, United States ⋅ Texas, United States ⋅ New York, New York, United States ⋅ New York, United States ⋅ Bastrop, Texas, United States
Experience Level(s):
Junior ⋅ Mid Level ⋅ Senior
Field(s):
IT & Security ⋅ Software Engineering
Are you prepared to join the X team and help build the ultimate real-time information-sharing app, revolutionizing how people connect? At X, we’re on a mission to become the trusted global digital public square, committed to protecting freedom of speech and building the future unlimited interactivity. Our goal is to empower every user to freely create and share ideas, fostering open public discourse without barriers. Join us in shaping this thrilling journey where your contribution will be invaluable to our success!
Role: Offensive Security Engineer
_
At X, we're on a mission to revolutionize digital interaction and create the Everything App. Our platform is a space where people can connect, share ideas, and engage in meaningful conversations.
We’re looking for a talented and security-driven Offensive Security Engineer to join our team and help us bring our vision to life.
Who We Are:
The Offensive Security Team is responsible for identifying vulnerabilities and strengthening the security posture across X properties, including X Social and X Money. This role will focus on reviewing source code, identifying security flaws, and developing exploits to test internal systems. The candidate will also work closely with X’s bug bounty program.
What You’ll Do:
In this role, you’ll be responsible for executing offensive security assessments and penetration testing strategies. You’ll work closely with development and security teams to uncover vulnerabilities and improve security resilience. Your role will include:
Reviewing source code to identify common application vulnerabilities.
Writing functional exploits for newly discovered vulnerabilities.
Leveraging existing tools and developing custom offensive security scripts.
Engaging with the bug bounty program to validate and remediate vulnerabilities.
Performing penetration tests on internal systems.
Automating baseline red team activities based on the environment and code base.
Identifying and exploiting container vulnerabilities.
Who You Are:
You are a highly skilled Offensive Security Engineer with deep expertise in application security, penetration testing, and exploit development. You have strong analytical skills and the ability to think like an adversary. The ideal candidate will also have:
Strong software development skills in Scala, Python, Go, or similar languages.
Advanced understanding of secrets and key management.
Deep knowledge of authentication and authorization security mechanisms.
Experience identifying vulnerabilities such as SSRF, data validation errors, injection attacks, and authentication race conditions.
The ability to automate red team activities efficiently.
Expertise in identifying and exploiting container vulnerabilities.
Nice to Have:
Bachelor's degree in Computer Science or equivalent experience.
OSCP Certification.
SANS SEC565: Red Team Operations and Adversary Emulation.
SANS SEC588: Cloud Penetration Testing.
At X, our small but fast-paced team values innovation and creativity. You'll have the opportunity to make a significant impact on the future of X and our aspiration to build the Everything App. If you thrive in a dynamic, high-growth tech environment and relish the opportunity to collaborate with passionate, driven over-achievers, your career with us here at X will be both exhilarating and fulfilling.
Apply now to join our team!
Website: https://x.com/
Headquarter Location: Norwalk, Connecticut, United States
Employee Count: 10001+
Year Founded: 1960
IPO Status: Public
Last Funding Type: Post-IPO Debt
Industries: Digital Media ⋅ Hardware ⋅ Information Technology ⋅ Printing ⋅ Software