Senior Application Security Engineer

Job Summary

Leading Red Team engagements, the full-time Senior Application Security Engineer (Offensive / Red Team) will shape an evolving offensive security practice by collaborating with Blue Team members to enhance detection and response capabilities while managing the bug bounty program and mentoring junior engineers, all within a remote work environment.

Key responsibilities

• Plan and execute offensive security engagements against applications and infrastructure, utilizing various testing techniques and tools
• Collaborate with Blue Team to validate detection capabilities and improve defensive measures based on offensive findings
• Manage the bug bounty program, including triaging vulnerabilities and providing guidance for remediation

Required qualifications

• Bachelor's degree in computer science, cybersecurity, or a related technical field, or equivalent hands-on experience
• Proven experience in offensive security work, including web application penetration testing and Red Team engagements
• Proficiency in one modern programming language (preferably Java) and ability to review code in major languages
• Advanced user of Burp Suite Pro, with experience creating or modifying custom extensions
• Strong analytical skills with a risk-based approach to security