CrawlJobs Logo
Meta Logo Meta · IT - Software Development

Offensive Security Engineer

United States, Bellevue Employment contract 176890.00 - 209000.00 USD / Year · Job Posted April 24, 2026
Apply Position
Job Link Share

Job Description

Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. To apply, click "Apply to Job" online on this web page

Job Responsibility

  • Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems
  • Research, develop, and execute adversary tactics, techniques, and procedures (TTPs) across the range of the attack lifecycle
  • Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles
  • Automate portions of assessments, scoping, or other offensive security work to inform and drive our engagements

Requirements

  • Requires a Bachelor’s degree (or foreign degree equivalent) in Computer Science, Cybersecurity, or related field
  • Requires completion of university-level coursework, research project or internship involving the following: High level scripting and coding
  • Research, develop, and execute adversary tactics, techniques, and procedures (TTPs) across the range of the attack lifecycle
  • Understanding of the attack lifecycle, and offensive security concepts in Red Team operations
  • Experience with exploiting common security vulnerabilities and bypassing security controls
  • Experience in at least one of the following security areas - Network security, Web, desktop and/or mobile application security, source code review, fuzzing and/or analysis, reverse engineering, exploit development and/or vulnerability research

What we offer

  • bonus
  • equity
  • benefits
Meta - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Offensive Security Engineer

8 matching positions

Offensive Security Engineer

We're seeking an exceptional Principal-level Offensive Security Engineer to chal...
Location
Location
United States , San Francisco; Seattle; New York City; Washington
Salary
Salary:
277600.00 - 490000.00 USD / Year
openai.com Logo
OpenAI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of hands-on red team experience or exceptional accomplishments demonstrating equivalent expertise
  • Deep expertise conducting offensive security operations within modern technology companies
  • Experience designing, developing, or testing assessing the security of AI-powered systems
  • Experience working finding, exploiting and mitigating common vulnerabilities in AI systems like prompt injection, leaking sensitive data, confused deputies, and dynamically generated UI components
  • Exceptional skill in code review, identifying novel and subtle vulnerabilities
  • Proven experience performing offensive security assessments in at least one hyperscaler cloud environment (Azure preferred)
  • Demonstrated mastery assessing complex technology stacks, including: Highly customized Kubernetes clusters, Container environments, CI/CD pipelines, GitHub security, macOS and Linux operating systems, Data science tooling and environments, Python-based web services, React-based frontend applications
  • Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts
  • Excellent coding skills, capable of writing robust tools and automation for offensive operations
  • Ability to communicate complex technical concepts effectively through compelling storytelling
Job Responsibility
Job Responsibility
  • Continuously hunt for vulnerabilities in the interactions between the applications, infrastructure, and models that power our agentic products
  • Conduct open-scope red and purple team operations, simulating realistic attack scenarios
  • Collaborate proactively with defensive security teams to enhance detection, response, and mitigation capabilities
  • Perform comprehensive penetration testing on our diverse suite of products
  • Leverage advanced automation and OpenAI technologies to optimize your offensive security work
  • Present insightful, actionable findings clearly and compellingly to inspire impactful change
  • Influence security strategy by providing attacker-driven insights into risk and threat modeling
What we offer
What we offer
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Fulltime
Read More
Arrow Right

Offensive Security Engineer

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park, CA; Bellevue, WA
Salary
Salary:
157000.00 - 185000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of Red Team experience
  • Experience mentoring other team members
  • Passion and demonstrated experience for challenging security assumptions
  • Excellent written and verbal communication skills and ability to communicate your findings at many different levels of abstraction from Engineers to Executives
  • Passion for fixing security issues and not just identifying security issues
  • Familiarity with common network protocols and standards such as DNS and TCP/IP
  • Experience with MacOS and Linux
  • Experience with leveraging components of a modern software development stack to attack companies, including CI, container orchestration systems (Kubernetes/Docker), cloud providers (AWS, GCP), etc and be able to give hardening suggestions
  • Experience/knowledge of defensive tools/techniques (IDS/IPS, Packet Capture, Network Analysis, AV, EDR, etc.) and how to evade them
  • Deep understanding of Mitre’s ATT&CK Framework
Job Responsibility
Job Responsibility
  • Evangelize the Offensive Security Team’s Findings and Projects with stakeholders throughout the company and collaborate with other teams to create solutions that balance security with other priorities
  • Mentor and provide guidance to the members of the Offensive Security team
  • Utilize threat modeling to identify threats and shape Red Team priorities and exercises
  • Plan and execute long term, broadly scoped, black box Red Team exercises utilizing vulnerability research, exploit development, and utilizing public proof of concept code
  • Perform penetration testing, code reviews, and design/architecture reviews
  • Write tooling to assist with and automate Red Team assessments
  • Plan and participate in Adversarial Simulation exercises with various security teams
  • Lead Security Incidents when Pentest or Red Team findings require them
  • Publish blog posts and present talks at security conferences
What we offer
What we offer
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet - a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - Offensive Security

We enable Plaid to quickly build safe and secure products while ensuring that Pl...
Location
Location
United States , New York
Salary
Salary:
207600.00 - 310800.00 USD / Year
plaid.com Logo
Plaid
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in offensive security roles
  • Experience leading individual offensive security/red team operations
  • Comfortable operating independently and defining your own direction
  • Comfortable communicating with a wide range of technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Establish a charter and framework for Plaid’s offensive security program
  • Conduct red team operations against corp and prod infrastructure to identify previously unknown problems and assess the state of Plaid’s security
  • Communicate findings to stakeholders and follow up to ensure appropriate resolution
  • Serve as the primary owner for red teaming at Plaid
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - Offensive Security

We enable Plaid to quickly build safe and secure products while ensuring that Pl...
Location
Location
United States , San Francisco
Salary
Salary:
207600.00 - 310800.00 USD / Year
plaid.com Logo
Plaid
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in offensive security roles
  • Experience leading individual offensive security/red team operations
  • Comfortable operating independently and defining your own direction
  • Comfortable communicating with a wide range of technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Establish a charter and framework for Plaid’s offensive security program
  • Conduct red team operations against corp and prod infrastructure to identify previously unknown problems and assess the state of Plaid’s security
  • Communicate findings to stakeholders and follow up to ensure appropriate resolution
  • Serve as the primary owner for red teaming at Plaid
  • Fulltime
Read More
Arrow Right

Staff Engineer, Offensive Security

The Staff Engineer acts as a Technical Lead. You don't just find bugs; you desig...
Location
Location
Ireland
Salary
Salary:
Not provided
stytch.com Logo
Stytch
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7-10 years in offensive security, penetration testing, a high-volume bug bounty background, AppSec, or vulnerability exploitation
  • track record of finding high/critical vulnerabilities in complex environments using pentesting commercial or custom tools
  • Expert Knowledge and solid understanding of the MITRE ATT&CK matrix and the OWASP Top 10 for web applications and top 10 for LLMs
  • post exploitation (lateral movement, persistence, data exfiltration) and Adversarial ML
  • Proficient in OffSec popular tools like Burp Suite professional, Nmap, Metasploit, Wireshark etc... and AI security tools such as LangChain, TensorFlow for adversarial testing or, as well as use of C2 frameworks (Cobalt Strike, Sliver, Havoc) or similar tools
  • Ability to write functional scripts in Python or Bash to automate repetitive testing tasks
  • proficiency in coding and scripting like Python, C++, and scripting for creating custom offensive exploits that avoids signature-based detection
  • Possession of advanced industry certifications such as OSCP, OSEP, OSWE, GXPN or similar training in OffSec tracks is highly desirable
Job Responsibility
Job Responsibility
  • Full-Stack Penetration Testing: Perform manual and automated testing of web applications, APIs, and mobile apps (iOS/Android)
  • Internal/External Network Audits: Conduct network and cloud level assessments with various tooling
  • Vulnerability Validation: Triage and validate reports from automated scanners or bug bounty hunters to eliminate false positives and escalate true positives
  • AI/LLM Probing: Perform initial prompt injection and jailbreak tests on AI prototypes, services, and applications using established checklists (OWASP Top 10 for LLMs)
  • Technical Reporting: Draft high-quality reports that detail the 'path to compromise' with clear, reproducible steps for developers
  • Tool Maintenance: Manage and update the team's testing infrastructure (e.g., Burp Suite, and basic C2 listeners)
  • Remediation Support: Provide direct technical guidance to engineering teams on how to patch vulnerabilities like XSS, SQLi, and IDOR
  • Adversary Emulation: Design and lead multi-week Red Team operations that mimic specific threat actors (APTs) to test the SIRT detection capabilities
  • Custom Exploit Development: Build custom payloads, droppers, and obfuscated scripts to bypass EDR/AV and maintain stealth
  • AI Red Teaming Architecture: Build automated testing frameworks for AI systems (e.g., using PyRIT, Promptfoo, or Garak) to test for models related to sensitive data leakage
What we offer
What we offer
  • competitive pay
  • generous time off
  • ample parental and wellness leave
  • healthcare
  • a retirement savings program
Read More
Arrow Right

Staff Offensive Security Engineer

At GEICO, we offer a rewarding career where your ambitions are met with endless ...
Location
Location
United States , Chevy Chase; Palo Alto; Seattle
Salary
Salary:
115000.00 - 230000.00 USD / Year
geico.com Logo
Geico
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Mastery of vulnerability discovery and exploitation across applications, networks, and cloud using tools (e.g., Burp Suite, Metasploit), and custom scripts (Python, PowerShell)
  • Advanced understanding of OWASP, MITRE ATT&CK framework, software development lifecycle (SDLC), threat modeling, red/purple teaming, and attack path development
  • Hands-on experience with tools like Cobalt Strike, Mythic, BloodHound, and AutoSploit
  • Relevant professional security certifications (e.g. from GIAC or others)
  • Proven experience in achieving results efficiently through automation and establishing best practices
  • Proven track record to deliver business outcomes for meeting regulatory and compliance obligations
  • Ability to force multiply through coaching and mentorship to offensive security engineers across all functions (penetration testing, red teaming, purple teaming)
  • 8+ years in engineering focused role, preferably in the tech industry
  • 5+ years of experience in offensive security (penetrating testing, red team, and purple team)
  • 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities
Job Responsibility
Job Responsibility
  • Lead highly effective large-scale penetration testing initiatives
  • Participate in simulating real-world cyber-attacks (red teaming), and collaborating with defensive security teams (purple teaming)
  • Conduct tactical security penetration test assessments to validate the security of company applications (web, mobile, APIs, and AI products) against OWASP Top 10 threats and work with the Application Security team to provide feedback and recommendations to increase automated capabilities
  • Ensure penetration testing activities are meeting security, business, and compliance objectives and outcomes
  • Design and execute advanced threat emulation scenarios, including physical, social, and digital attack vectors
  • Collaborate with Blue Teams, Threat Intelligence, and Risk Management to ensure comprehensive attack coverage and feedback loops
  • Ensure operations align with industry regulations and compliance standards such as NIST, PCI DSS, and NYDFS
  • Champion continuous improvement and innovation in penetration testing, adversary simulation techniques, tools, and methodologies
What we offer
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime
Read More
Arrow Right

Offensive Security Engineer, Hardware

We're seeking an exceptional Principal-level Offensive Security Engineer to chal...
Location
Location
United States , San Francisco
Salary
Salary:
293000.00 - 490000.00 USD / Year
openai.com Logo
OpenAI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of hands-on experience or exceptional accomplishments demonstrating equivalent expertise
  • Exceptional skill in code review, identifying novel and subtle vulnerabilities
  • Demonstrated mastery assessing complex technology stacks
  • Proven ability to reverse engineer bootrom images, firmware, or silicon-level components
  • Deep familiarity with low-level kernel operations, secure boot processes, and hardware-software interactions
  • Hands-on experience building and validating secure boot chains and threat models
  • Proficiency with hardware debugging tools (UART, JTAG, SWD, oscilloscopes, logic analyzers)
  • Solid programming skills in C/C++, Python, or assembly for embedded systems
  • Industry experience securing consumer hardware (e.g., mobile devices, IoT, chipsets)
  • Excellent written and verbal communication skills for technical and non-technical audiences
Job Responsibility
Job Responsibility
  • Collaborate proactively with engineering teams to enhance security and mitigate risks in hardware, firmware, and software
  • Perform comprehensive penetration testing on our diverse suite of products
  • Leverage advanced automation and OpenAI technologies to optimize your offensive security work
  • Present insightful, actionable findings clearly and compellingly to inspire impactful change
  • Influence security strategy by providing attacker-driven insights into risk and threat modeling
What we offer
What we offer
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Fulltime
Read More
Arrow Right

Staff Offensive Security Engineer

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park
Salary
Salary:
217000.00 - 255000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of Red Team experience
  • Experience mentoring other team members
  • Passion and demonstrated experience for challenging security assumptions
  • Excellent written and verbal communication skills and ability to communicate your findings at many different levels of abstraction from Engineers to Executives
  • Passion for fixing security issues and not just identifying security issues
  • Familiarity with common network protocols and standards such as DNS and TCP/IP
  • Experience with MacOS and Linux
  • Experience with leveraging components of a modern software development stack to attack companies, including CI, container orchestration systems (Kubernetes/Docker), cloud providers (AWS, GCP), etc and be able to give hardening suggestions
  • Experience/knowledge of defensive tools/techniques (IDS/IPS, Packet Capture, Network Analysis, AV, EDR, etc.) and how to evade them
  • Deep understanding of Mitre’s ATT&CK Framework
Job Responsibility
Job Responsibility
  • Evangelize the Offensive Security Team’s Findings and Projects with stakeholders throughout the company and collaborate with other teams to create solutions that balance security with other priorities
  • Mentor and provide guidance to the members of the Offensive Security team
  • Utilize threat modeling to identify threats and shape Red Team priorities and exercises
  • Plan and execute long term, broadly scoped, black box Red Team exercises utilizing vulnerability research, exploit development, and utilizing public proof of concept code
  • Perform penetration testing, code reviews, and design/architecture reviews
  • Write tooling to assist with and automate Red Team assessments
  • Plan and participate in Adversarial Simulation exercises with various security teams
  • Lead Security Incidents when Pentest or Red Team findings require them
  • Publish blog posts and present talks at security conferences
What we offer
What we offer
  • Market competitive and pay equity-focused compensation structure
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Annual lifestyle wallet for personal wellness, learning and development, and more
  • Lifetime maximum benefit for family forming and fertility benefits
  • Dedicated mental health support for employees and eligible dependents
  • Generous time away including company holidays, paid time off, sick time, parental leave, and more
  • Lively office environment with catered meals, fully stocked kitchens, and geo-specific commuter benefits
  • Bonus opportunities
  • Equity
  • Fulltime
Read More
Arrow Right