Red Team Engineer – Offensive Security Lead

Job not on LinkedIn

🔥 14 hours ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Authentic8

Authentic8

51 - 200 employees

🔒 Cybersecurity

📋 Compliance

🏛️ Government

💰 Series B on 2017-08

Cybersecurity • Compliance • Government

Authentic8 is a company that specializes in secure browsing and digital investigations through its Silo platform. Silo provides a highly secure, isolated browsing experience that protects users from malware and unauthorized data access while remaining anonymous on the surface, deep, and dark web. The company's products such as Zero Trust Application Access and Risky Web Link Isolation ensure secure and managed access to applications and web content, adhering to strict cybersecurity and compliance standards. They cater to government agencies and commercial enterprises, offering solutions for cybersecurity intelligence, financial crime, compliance, and secure application access across diverse networks and devices.

📋 Description

• Design, build, and operate an AI-augmented red teaming harness using frontier LLM APIs. • Implement a control loop architecture (Plan | Act | Observe | Adjust) for autonomous and semi-autonomous vulnerability discovery. • Integrate the harness with purpose-built SBOM tooling (Endor Labs), CVE monitoring feeds (NVD, OSV.dev, EPSS/KEV, GitHub Advisory Database, and vendor-specific bulletins), and our CI/CD pipeline (Snyk, SonarQube). • Conduct adversarial testing across four attack perspectives: (Internal source code, External unauthenticated adversary, Internal authenticated user, and Internal unprivileged adversary) • Chain findings identify exploitable paths and corresponding vulnerabilities. • Validate and prioritize findings using CVSS, EPSS, and KEV context before handing off to the patch management pipeline. • Support the development and day-to-day operation of Authentic8's internal Bug Bounty Program. • Collaborate with engineering on custom mitigation decisions when vendor patches are unavailable. • Assume ownership of security stage-gates within our CI/CD pipeline, integrating Snyk, SonarQube, and harness findings into the build process. • Work alongside the SOC Lead on CVE monitoring, alerting, and vulnerability prioritization workflows. • Partner with DevSecOps Engineers on harness architecture and pipeline integration. • Provide technical input to the Integrated Operations Center on detection use case design for our SIEM. • Regularly brief the VP of Information Security on findings, program health, and checkpoint criteria.

🎯 Requirements

• 5+ years in cybersecurity, penetration testing, or red team operations • Demonstrated experience building tools: scripting exploits, automating workflows, or constructing test harnesses (Python and/or Go strongly preferred) • Hands-on experience with LLM APIs in a security or agent context, including an understanding of tool use, control loops, and context management in agent architectures • Proficiency with static and dynamic analysis (SAST/DAST) and the ability to interpret and chain findings from automated tooling • Working knowledge of CVE and vulnerability data sources, including NVD, EPSS, KEV, OSV.dev, and the GitHub Advisory Database • Experience testing cloud-hosted SaaS platforms (GCP familiarity preferred) • Familiarity with container security (containered, Docker) and Linux-based infrastructure • Ability to work independently, manage your own scope, and deliver against defined milestones • Excellent documentation and communication skills • Must be US citizen

🏖️ Benefits

• medical • dental • vision • flexible PTO • a 401k program • stock options

Apply Now

Similar Jobs

🔥 16 hours ago

Cisco

10,000+ employees

🔧 Hardware

🔐 Security

🏢 Enterprise

Security Engineer managing application-level monitoring and incident response in US Government classified environments. Collaborating with teams to evolve security tools in a hybrid world.

AWS

Azure

Cloud

Cyber Security

Google Cloud Platform

ServiceNow

Splunk

🔥 17 hours ago

Interface Systems

501 - 1000

🔐 Security

☁️ SaaS

📡 Telecommunications

National Account Executive proposing and advancing sales of managed Access Control and Alarm monitoring solutions. Seeking to enhance security and connectivity for large, multi-site U.S. businesses.

🔥 17 hours ago

Health Catalyst

1001 - 5000

⚕️ Healthcare Insurance

🤖 Artificial Intelligence

☁️ SaaS

Sr Account Executive in Cybersecurity Sales at Health Catalyst driving revenue growth through enterprise healthcare organizations. Focused on building relationships with CISOs, CIOs, and senior executives.

Cyber Security

🔥 17 hours ago

Discord

501 - 1000

🎮 Gaming

🌍 Social Impact

📡 Telecommunications

Senior Enterprise Security Engineer implementing and maintaining Discord’s enterprise environment with a focus on security and privacy. Aiming to protect data and keeping systems secure while collaborating across teams.

Python

Rust

Go

🔥 18 hours ago

CNG Holdings, Inc.

1001 - 5000

💸 Finance

👥 B2C

Senior Manager in Cyber Security managing team operations and risk management at CNG Holdings, Inc. Involved in compliance, incident response, and security strategy for protecting corporate assets.

Cloud

Cyber Security

Firewalls