CrawlJobs Logo

Offensive Security Engineer, Purple Team

meta.com Logo

Meta

Location Icon

Location:
United States , Bellevue

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

122000.00 - 181000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Meta's Offensive Security Group is seeking an experienced Offensive Security Engineer to join our team. As a key member of the team, you will be responsible for executing tactical, offensive assessments across various environments, emulating internal and external threats, and driving remediations to improve the organization's security posture.

Job Responsibility:

  • Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems
  • Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness
  • Automate portions of assessments, scoping, or other offensive security work to inform and drive our engagements
  • Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats
  • Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles
  • Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
  • Influence and align the team’s direction and strategy, and collaboratively prioritize and deliver specific multi-year roadmaps and projects

Requirements:

  • Bachelor's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or equivalent experience
  • 2+ years of experience in Red Teaming, Penetration Testing, and/or cyber threat hunting
  • Experience with coding/scripting skills in one or more general purpose languages

Nice to have:

  • Relevant certifications such as Offensive Security Certified Professional, Offensive Security Exploitation Professional, Certified Red Team Operator, or Certified Red Team Leader
  • Public tools, presentations, or research published on Cybersecurity
What we offer:
  • bonus
  • equity
  • benefits

Additional Information:

Job Posted:
January 23, 2026

Icon
Meta - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Offensive Security Engineer, Purple Team

Staff Offensive Security Engineer

At GEICO, we offer a rewarding career where your ambitions are met with endless ...
Location
Location
United States , Chevy Chase; Palo Alto; Seattle
Salary
Salary:
115000.00 - 230000.00 USD / Year
geico.com Logo
Geico
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Mastery of vulnerability discovery and exploitation across applications, networks, and cloud using tools (e.g., Burp Suite, Metasploit), and custom scripts (Python, PowerShell)
  • Advanced understanding of OWASP, MITRE ATT&CK framework, software development lifecycle (SDLC), threat modeling, red/purple teaming, and attack path development
  • Hands-on experience with tools like Cobalt Strike, Mythic, BloodHound, and AutoSploit
  • Relevant professional security certifications (e.g. from GIAC or others)
  • Proven experience in achieving results efficiently through automation and establishing best practices
  • Proven track record to deliver business outcomes for meeting regulatory and compliance obligations
  • Ability to force multiply through coaching and mentorship to offensive security engineers across all functions (penetration testing, red teaming, purple teaming)
  • 8+ years in engineering focused role, preferably in the tech industry
  • 5+ years of experience in offensive security (penetrating testing, red team, and purple team)
  • 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities
Job Responsibility
Job Responsibility
  • Lead highly effective large-scale penetration testing initiatives
  • Participate in simulating real-world cyber-attacks (red teaming), and collaborating with defensive security teams (purple teaming)
  • Conduct tactical security penetration test assessments to validate the security of company applications (web, mobile, APIs, and AI products) against OWASP Top 10 threats and work with the Application Security team to provide feedback and recommendations to increase automated capabilities
  • Ensure penetration testing activities are meeting security, business, and compliance objectives and outcomes
  • Design and execute advanced threat emulation scenarios, including physical, social, and digital attack vectors
  • Collaborate with Blue Teams, Threat Intelligence, and Risk Management to ensure comprehensive attack coverage and feedback loops
  • Ensure operations align with industry regulations and compliance standards such as NIST, PCI DSS, and NYDFS
  • Champion continuous improvement and innovation in penetration testing, adversary simulation techniques, tools, and methodologies
What we offer
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
Job Responsibility
  • Scoping and executing of complex penetrations test across a wide scope of technologies, products, services, and applications and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Offensive Security Specialist

Deel is seeking a highly skilled Offensive Security Specialist with deep experie...
Location
Location
Salary
Salary:
Not provided
deel.com Logo
Deel
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in Red Teaming, Offensive Security, or Penetration Testing (or exceptional accomplishments that demonstrate equivalent expertise)
  • Deep expertise in offensive security operations within modern and cutting-edge technology environments, with a history of simulating sophisticated threats against complex systems
  • Experience designing, developing, or assessing the security of a wide range of systems, including web and mobile applications, network and cloud infrastructure, microservices, and AI-powered platforms
  • Demonstrated mastery in evaluating complex technology stacks, including containerized and Kubernetes environments, CI/CD pipelines, various operating systems, cutting-edge technologies, and AI-powered platforms and systems
  • Strong understanding of trust boundaries and dynamic risk assessment, with the intuition to identify where security assumptions break down in complex, evolving architectures
  • Coding and scripting skills, with the ability to develop robust custom tools and automation to support offensive operations
  • Ability to communicate complex technical concepts to diverse audiences effectively, including through compelling storytelling and narrative techniques to convey the implications of security issues
  • Proven track record of not only discovering critical vulnerabilities but also driving their remediation, contributing fixes or mitigation strategies in complex codebases
Job Responsibility
Job Responsibility
  • Perform comprehensive penetration testing on our diverse suite of products and services to uncover security flaws before adversaries can exploit them
  • Design and execute adversary emulation engagements aligned with the MITRE ATT&CK framework and real-world tactics, techniques, and procedures (TTPs) to ensure our simulations mirror actual threat actors
  • Continuously hunt for vulnerabilities across our web and mobile applications, as well as within our underlying infrastructure and cloud environments, proactively identifying security vulnerabilities
  • Perform specialized penetration testing on AI-based systems and platforms, evaluating the security of machine learning applications and related technologies for novel vulnerabilities
  • Conduct targeted cyber threat intelligence research to inform offensive operations, ensuring that red team scenarios are based on current and relevant threat actor behaviors and support investigations
  • Design and execute phishing campaigns and other social engineering exercises to test and improve organizational awareness and resilience against human-focused attacks
  • Develop custom exploits, tools, and automation to enhance red team operations, enabling more efficient and stealthy attack simulations and the ability to bypass advanced security controls
  • Conduct purple team operations that simulate realistic attack scenarios to test our organization’s detection and response capabilities
  • Partner with defensive security and engineering teams to translate findings into measurable security improvements - Enhancing detection, response, and mitigation capabilities
  • driving timely remediation through robust fixes and delivering clear, actionable communications that articulate risk, impact, and required change
What we offer
What we offer
  • Stock grant opportunities dependent on your role, employment status and location
  • Additional perks and benefits based on your employment status and country
  • The flexibility of remote work, including optional WeWork access
  • Fulltime
Read More
Arrow Right

Senior Threat Emulation Team Member

As a senior member of the Threat Emulation team within Admiral’s Cyber Security ...
Location
Location
Salary
Salary:
Not provided
admiralgroup.co.uk Logo
Admiral Group Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ Years of delivering offensive security exercises
  • Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills
  • Experience of being a technical lead on security testing engagements
  • A strong technical background is required with in-depth experience in several of the following areas: CI/CD Pipelines/DevOps
  • Cloud and Cloud Security (Specifically Azure and GCP)
  • LLM Security Considerations
  • Applications of AI in Offensive Security
  • Scenario/objective based Penetration Testing/Red Teaming
  • Purple Teaming
  • Microsoft AD, Entra and In-Tune
Job Responsibility
Job Responsibility
  • Owning the delivery of Threat Emulation services through the full lifecycle, including taking responsibility for delivery of key projects and workstreams through to completion
  • Proactively analyse business needs, research
  • recommend solutions and drive their adoption
  • Identifying key opportunities to provide current and new security testing services across the business
  • Developing novel and innovative capabilities within the team
  • Performing post exercise or incident reviews and proposing resolutions using their subject matter expertise
  • Act as a point of escalation for the team and wider cyber department
  • Mentor and develop team members and peers
  • Define, develop and improve procedures, and processes for the team and wider operations department
  • Publish reporting and communications to key stakeholders, including briefings, presentations, control group calls/updates
What we offer
What we offer
  • Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave
  • Financial & Mortgage Advice
  • 24-Hour Ecare
  • Cycle to Work Scheme
  • Annual Holiday Allowance
  • Flexible Working
  • Simply Health
  • Private Health Cover
  • Critical Illness Cover
  • Eligible for up to £3,600 of free shares each year after one year of service
  • Fulltime
Read More
Arrow Right

Offensive Security Engineer

We're seeking an exceptional Principal-level Offensive Security Engineer to chal...
Location
Location
United States , San Francisco; Seattle; New York City; Washington
Salary
Salary:
277600.00 - 490000.00 USD / Year
openai.com Logo
OpenAI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of hands-on red team experience or exceptional accomplishments demonstrating equivalent expertise
  • Deep expertise conducting offensive security operations within modern technology companies
  • Experience designing, developing, or testing assessing the security of AI-powered systems
  • Experience working finding, exploiting and mitigating common vulnerabilities in AI systems like prompt injection, leaking sensitive data, confused deputies, and dynamically generated UI components
  • Exceptional skill in code review, identifying novel and subtle vulnerabilities
  • Proven experience performing offensive security assessments in at least one hyperscaler cloud environment (Azure preferred)
  • Demonstrated mastery assessing complex technology stacks, including: Highly customized Kubernetes clusters, Container environments, CI/CD pipelines, GitHub security, macOS and Linux operating systems, Data science tooling and environments, Python-based web services, React-based frontend applications
  • Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts
  • Excellent coding skills, capable of writing robust tools and automation for offensive operations
  • Ability to communicate complex technical concepts effectively through compelling storytelling
Job Responsibility
Job Responsibility
  • Continuously hunt for vulnerabilities in the interactions between the applications, infrastructure, and models that power our agentic products
  • Conduct open-scope red and purple team operations, simulating realistic attack scenarios
  • Collaborate proactively with defensive security teams to enhance detection, response, and mitigation capabilities
  • Perform comprehensive penetration testing on our diverse suite of products
  • Leverage advanced automation and OpenAI technologies to optimize your offensive security work
  • Present insightful, actionable findings clearly and compellingly to inspire impactful change
  • Influence security strategy by providing attacker-driven insights into risk and threat modeling
What we offer
What we offer
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Fulltime
Read More
Arrow Right

Mid - Senior Cybersecurity Engineer

Join the leading AU fintech company as a Senior Cybersecurity Engineer who will ...
Location
Location
Philippines , Manila
Salary
Salary:
Not provided
moneyme.com.au Logo
MONEYME
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Information Technology, or a related discipline
  • Professional certifications such as CEH, OSCP or equivalent are highly regarded
  • Equivalent practical experience may be considered in lieu of formal qualifications
  • 3+ years of experience in cybersecurity engineering experience with strong focus on application security
  • Demonstrated ownership of vulnerability remediation from discovery through validation
  • Practical experience implementing and tuning SAST and DAST programs
  • Strong familiarity with OWASP Top 10 and OWASP API Security Top 10
  • Experience working directly with software engineers and platform teams
  • Experience embedding security into the software development lifecycle
  • Experience operating in regulated or high-risk environments
Job Responsibility
Job Responsibility
  • Own application security across web, mobile, and API systems
  • Identify and prioritize vulnerabilities using SAST, DAST, and threat modelling
  • Assess findings against OWASP Top 10 and OWASP API Security risks
  • Drive remediation with engineering teams and validate fixes
  • Embed security into the software development lifecycle
  • Conduct threat modelling during design and architecture
  • Perform security reviews for new features and changes
  • Integrate SAST, DAST, dependency, and container testing into CI CD pipelines
  • Define risk based security gates and tune rulesets
  • Assess high risk flows involving authentication, sensitive data, APIs, and third party integrations
What we offer
What we offer
  • HMO on Day 1 + 1 free dependent
  • 15 days of vacation leaves and 15 days of sick leave
  • 1 birthday leave
  • Health and wellbeing initiatives like weekly sports activities and MONEYME Olympics
  • Fun filled company activities - summer outings, team building, team lunch or dinner, Halloween event, year-end party and so much more!
  • Complimentary snacks in the office
  • MONEYME Merchandise - hoodie, T-shirt, tumbler, notebook, and id lace
  • Quarterly champion awards & reward trips
Read More
Arrow Right

Principal Consultant - Offensive Security

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
Japan , Tokyo
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Ability to perform travel requirements as needed to meet business demands
  • Fulltime
Read More
Arrow Right

Cloud Security Senior Analyst

The Cloud Security Operations team works in a multi-disciplinary team of teams d...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in a similar, offensive security related role
  • Offensive Security-oriented mindset (threat-modeling, vulnerability assessments, penetration testing, etc.)
  • Hands-on experience with cloud platforms (GCP, AWS)
  • Excellent understanding of cloud security concepts/best practices in various cloud Service Providers (for example: Azure/M365)
  • Familiarity with the current threat landscape which GCP exists in
  • Familiarity with securing containers and container orchestration frameworks (such as Kubernetes)
  • Programming/scripting languages a plus (Python and PowerShell preferred, but not required)
  • Ability to deliver presentations to technical and non-technical individuals
  • Fluency in English
  • Bachelor's Degree or equivalent working experience
Job Responsibility
Job Responsibility
  • Full end to end security assurance activities in GCP including Vulnerability Assessments (preproduction, post-production), Purple Team exercises (Red and Blue team collaboration) to identify areas of risk and ensure any gaps are documented and remediated
  • Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in the cloud environment
  • Partner with Engineering and Operations teams to create, implement, and apply DevSecOps practices and processes that are consumed by developers across all sectors in Citi
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy