Offensive Security Engineer

At Synack, we create technology that unleashes the best cybersecurity talent to secure our digital world.

Headquartered in Silicon Valley, we protect leading global organizations by reducing companies' security risk and increasing their resistance to cyber attack. How do we do this? By utilizing the world's best and most trusted team of ethical hackers who test through our powerful and controlled platform to deliver real security without compromise.

Backed by top-tier venture capital firms including Kleiner Perkins Caufield & Byers, Microsoft, and Google Ventures, Synack's mission is to leverage global security talent coupled with advanced technology to help enterprises discover security vulnerabilities before they become business problems. Discover the possibilities at Synack!

As a Security Operations Engineer you will scope and build penetration tests. You have a deep understanding of penetration testing attack surfaces and a knack for developing unique solutions that ensure client success. Your technical knowledge and client-focused approach to problem solving enable you to scope penetration tests that set up our Synack Red Team (SRT) for success.

Sounds interesting? Keep reading...

Here's what you'll do

• Develop the scope of penetration tests and guide researchers to effective testing
• Use your consultative communication skills to gather requirements, understand customer needs, and influence internal stakeholders
• Partner with internal stakeholders to determine, develop, and analyze the client's assets, such as:
  • Their digital attack surface and value at risk
  • Their existing vulnerability programs, tools and methods
  • Their security program, including ERM requirements and goals
• Work independently with little guidance and provide technical product expertise to build the appropriate solution for the client's needs

Here's what you'll need

• Expertise with vulnerability discovery management, risk management frameworks and associated business workflows, and remediation
• Understanding of a wide variety of technical concepts (i.e. infrastructure, enterprise architecture, web development, etc...)
• Proven experience with scripting languages (language independent) and developing scripted solutions to problems
• A knack for explaining technical concepts to a non-technical audience
• Relevant industry certifications in penetration testing and/or security management such as OSWE, OSCP, GPEN, CISSP, CISA
• Compliance and audit familiarity with PCI, ISO 27001, SOC 1, SOC 2
• Excellent time management, multi-tasking, and prioritization skills as well as the ability to manage multiple concurrent projects
• Candidates must be US Citizens in order to be considered for this role.

Ready to join us?

Synack is committed to embracing diversity. Our people are our strength. Each addition to our team is an opportunity to grow and diversify our ideas, experiences, and viewpoints. We strive to be inclusive of Race, Ethnicity, Religion, Sex, LGBTQ+, Veterans, Disabilities, and Age. Synack welcomes you!

As a candidate, Synack cares about your privacy. Please view our candidate privacy policy here.

70,000 USD - 115,000 USD Salary is determined by a combination of factors including location, level, relevant experience, and skills. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. The compensation package for this position may also include equity, and benefits.

For more details about our benefits, please see here. Then for the Employer code, enter: synack