Senior Offensive Security Engineer

Summary

Join Praetorian, a cybersecurity company focused on reducing security friction and enabling technological innovation. Work alongside top security experts on challenging projects for diverse clients, from cryptocurrency exchanges to space telescopes. Contribute to impactful projects and advance your career in a hyper-growth environment. Core responsibilities include providing technical execution on offensive security projects focused on IoT security, identifying vulnerabilities, developing methodologies and tools, and creating comprehensive reports. The ideal candidate possesses a passion for offensive security, relevant experience, and strong technical skills. Praetorian offers competitive compensation and benefits, including equity, learning opportunities, and comprehensive health insurance.

Requirements

• Demonstrated passion for offensive security and adversarial engineering
• 2+ years of IoT security experience in one or more cross-functional areas: hardware or software reverse engineering, firmware analysis, embedded cryptography, wireless protocols, glitching/side-channel analysis, or IoT PaaS security
• Understanding of threat models, attack paths and intelligence considerations within the scoping of technical projects
• Ability to write technical reports and present technical findings both internally and externally

Responsibilities

• Provide technical execution on challenging offensive security projects focused on IoT Security for our customers
• Identify nuanced vulnerabilities in advanced systems
• Develop custom methodologies, payloads, exploits, and tools to ensure project success
• Develop documentation for novel mitigation strategies to emerging or undocumented security risks identified in client environments
• Develop comprehensive reports and presentations for our customers
• Serve as a mentor to other engineers in their technical and professional development
• Collaborate with the security community to develop novel attack techniques, tactics, and procedures (TTPs) through Praetorian’s Security Blog and other forms of community engagement

Preferred Qualifications

• Prior security consulting experience
• Software development experience in core offsec languages such as golang or python
• Capture-the-flag, CCDC, CPTC or other security related competitions
• Ranked achievements on testing platforms such as Hack the Box, Tryhackme, Portswigger and similar
• Track record in vulnerability research, exploit development, and CVE assignments
• Demonstrated open source contribution with git commits to popular offsec projects
• Security community experience via presentations, conference attendance, blogs, white papers and similar
• PNPT, BSCP, OSCP, OSWE, OSCE, OSEP, OSED, CRTO, cloud certifications and similar
• Bachelors degree in computer science, computer engineering, mathematics, or physics
• Additional experience in at least 3 of the following: Product Security Testing (Application, Mobile, LLM)
• Network Security Testing and/or Red Team
• Web Application Penetration Testing
• Cloud Security (AWS, Azure, GCP)
• Secure Code Review
• Reverse Engineering
• Vulnerability Research/ Exploit Development
• Experience with startup and/or high-tech companies

Benefits

• Competitive salary
• Equity Incentive Plan, offering ownership stakes in the company
• Continuous learning opportunities through our internal Learning & Development (L&D) program, including training, certifications, and conferences to support your career growth
• Recognition and rewards for speaking engagements at industry events and conferences
• Comprehensive health and dental insurance coverage
• Immediate 401(k) matching
• Paid maternity and paternity leave