Security Engineer, Offensive Security

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 teams. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of theFortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 14 on the Cloud 100, one of ’s 100 Most Influential Companies, one of ’s Most Innovative Companies in AI, and one of ’s Best Workplaces.To achieve our ambitious goals, we are seeking a senior security engineer to join our security intelligence team and accelerate our security maturity through offensive and defensive exercises across our products and infrastructure. In this role, you'll not only challenge our systems but also have the unique opportunity to explore and uncover potential vulnerabilities in our machine learning models, ensuring that our AI-driven features remain secure against sophisticated threats.Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.As an Offensive Security Engineer, you will:• Plan and execute end-to-end offensive and threat hunting operations across the corporate and production environment.• Dive into threat actors and emulate their tactics, tools, and procedures to assess Grammarly's detection and response capabilities.• Identify and exploit vulnerabilities in AI and machine learning models to ensure our AI-driven features are robust against evolving threats.• Perform offensive security research in key areas of Grammarly product offerings and services.• Work with product development, raising security awareness through operation readouts and offering expertise to protect our products against skilled and determined attackers.• Represent Grammarly’s security engineering teams within and outside of the company.• Review security for the most critical and complex areas• Contributing to the security strategy of multiple teams and influencing leadership and C-suite decisions.• Grow their team by mentoring security engineers.• Is a security practitioner with a proven record of technical contributions in red team, threat hunting, and adversarial emulation.• Has hands-on experience in enterprise security practices, including SSO (Single Sign-On) implementations, endpoint security, and laptop hardening.• Is proficient in programming languages such as Python, Java, and Go and has experience with relevant CI/CD, Kubernetes, and Cloud Infrastructures (AWS/GCP/Azure).• Excellent communication skills that can adapt across multiple personas (engineering, non-technical, and C-Suite)• Builds strong relationships with peers across the company.• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.• Possess a deep understanding of real-world adversaries, their tactics, techniques, and procedures (TTPs), and a comprehensive knowledge of current cyber attack vectors and threat landscape.• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.• Is inspired by our MOVE principles: move fast and learn faster; obsess about creating customer value; value impact over activity; and embrace healthy disagreement rooted in trust.• Is able to meet in person for their team’s scheduled collaboration weeks, traveling if necessary to the hub where their team is based.Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more:• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)• Disability and life insurance options• 401(k) and RRSP matching• Paid parental leave• 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and unlimited sick days• Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)• Annual professional development budget and opportunitiesGrammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US locations are categorized into two compensation zones based on proximity to our hub locations. In Canada, all locations where we support employment are considered “Zone 1”.Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future.United States:Zone 1: $282,000 - $329,000 (USD)Zone 2: $254,000 - $296,000 (USD)CanadaZone 1: $220,000- $279,000 (CAD)At Grammarly, we value our differences, and we encourage all—especially those whose identities are traditionally underrepresented in tech organizations—to apply. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).#LI-Hybrid