Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Offensive Security Engineer

Q

Qualigence, Inc.

Offensive Security Engineer

San Francisco, CA
Full Time
Paid
Similar Jobs
  • Responsibilities

    We are looking for a Senior Offensive Security Engineer who will be the founder of this new team that will scale our abilities in attacking the devices and identify vulnerabilities early on.

    ------------------------------------------------------------------------------------------------------------------------------------------

    Your Contribution:

    • Lead and mentor the team that will focus on offensive security
    • Develop plans for testing the various interfaces on the device including hardware and software
    • Identify best in class tools to accomplish the goals
    • Continuously improve our abilities to attack a device
    • Provide leadership in this domain

    Key Qualifications:

    • Must have performed penetration testing on IOT devices and other appliances running windows, Android, Linux and other operating systems
    • Deep knowledge of penetration testing of network interfaces like WiFI/Ethernet with tools and processes
    • Good knowledge of testing BT/BLE interfaces with tools and processes
    • Must have developed some custom tools and crafted custom messages to inject threats and assess how the device holds up
    • Good knowledge of the device boot process and how to assess and generate threats that can make the device fail to boot or modify the boot parameters that change the state of the device
    • Good understanding of modern operating systems Linux, Android, Yocto and what security mechanisms exist in the various components including known vulnerabilities
    • Advanced knowledge of revision control and code review tools like git, gerrit and build infrastructure like gradle, maven, jenkins
    • Advanced programming skills in scripting languages, Python, Bash etc
    • Good knowledge of pentesting cloud apis
    • Good knowledge of programming languages, C/C++/Java and how to write secure code
    • Advanced knowledge of cryptography cipher suites, PKI, symmetric and asymmetric cryptography
    • Good knowledge of how TLS sessions are established, how encryption works and how to protect/secure a network or infrastructure

    Preferred Qualifications:

    • Any relevant certifications like Offensive Security Certified Professional (OSCP)
    • Advanced knowledge of other certifications like FedRAMP, FIPS 140-2, etc and how to qualify the device for compliance
    • Lead other engineers and mentored them, groomed them and got the best results from the team

    Education:

    • BSCS, BSCE or equivalent with 5+ years of relevant experience required