Principal Offensive Security Engineer

September 27


Autodesk

Architecture • Engineering • Media

Autodesk is a global leader in software for designers, engineers, builders, and creators. The company provides a comprehensive suite of design and engineering applications including popular products like AutoCAD, Revit, and 3ds Max. Through its Design and Make Platform, Autodesk empowers professionals across various industries to design, visualize, and manage projects efficiently, facilitating innovation and sustainability in architecture, engineering, construction, and manufacturing.

10,000+ employees

Founded 1982

📱 Media

📋 Description

• Document, maintain, and improve the AEC Secure Software Development Lifecycle (SSDLC)
• Work with the Trust Organization on Security Vulnerability Management and 0-day response
• Manage and mature the AEC security vulnerability and DoD response processes
• Act as primary point of contact for AEC 0-day reports and engage Researchers and Engineers
• Proactively fuzz, research, and investigate AEC Products and Processes for security issues and improvements
• Support AEC Security incident BPM processes
• Assist engineering teams in secure code development and set policies, procedures, and standards
• Engage with AEC engineers to establish training, awareness resources, and other security mechanisms
• Partner with other engineers across the company to share Software Security practices and improve transparency and efficiency
• Own Security metadata components within the Software Catalog, including creation, naming, and maintenance
• Attend Trust meetings across the AEC organization and industry events/conferences to gather new techniques

🎯 Requirements

• BS or MS or Equivalent Experience in Cybersecurity/Computer Science (or related technical field)
• 5+ years of hands-on Offensive Security experience or 7+ years of a mix
• Experience with Offensive Security tools, techniques, and methodologies
• Experience working with programming languages (e.g. C, C++, C#, Rust, Go, JavaScript, Java, Python, Perl, PHP, TypeScript...)
• Experience collaborating with cross-organizational teams
• Experience with writing reports and communicating complex security concepts to technical personnel (preferred)
• Familiarity with modern software practices including Continuous Integration, Continuous Delivery, and Infrastructure-as-Code (preferred)
• Familiarity with Security Disciplines outside of Offensive Security (Privacy, GRC, Blue Teaming, Awareness) (preferred)
• Familiarity with authentication/authorization using OAuth 2.0, OIDC, SPIFFE, FIDO2 (preferred)
• Familiarity with large-scale distributed systems, hybrid applications across desktop, mobile, and web (preferred)
• Experience in the AEC industry or other regulated industry (preferred)
• Must be located in the United States or Canada (east coast strongly preferred)

🏖️ Benefits

• Annual cash bonuses
• Commissions for sales roles
• Stock grants
• A comprehensive benefits package
• Opportunities to attend top security conferences and training sessions throughout the year
• Remote position open to candidates in the United States or Canada
