Senior Security Engineer, Pen Tester
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior Security Engineer focusing on offensive and defensive security at Menlo Security. Conducting penetration testing and ensuring cloud architecture security in multi-cloud environments.
Responsibilities:
- Collaborative Penetration Testing (AWS & GCP): Work in tandem with a peer pentester to conduct deep-dive penetration tests of our products across our multi-cloud environment.
- Control Plane: Review IAM policies, service configurations, and cloud-native permission structures.
- Data Plane & Web UI: Execute dynamic testing against web interfaces and API endpoints.
- Infrastructure Review: Assess the security posture of a hybrid infrastructure that mixes containers and Virtual Machines (VMs) infrastructures.
- Vulnerability Reporting & Advisory: Triaging findings and creating clear, reproducible proofs-of-concept (PoCs).
- AI-Augmented Security Assessments: Actively utilize AI and Large Language Models (LLMs) to automate reconnaissance, generate attack vectors, analyze configurations, and draft vulnerability reports.
- Pipeline Management: Monitor bug bounty pipelines and external reports, validating findings and managing researcher communication.
Requirements:
- Multi-Cloud Fluency: Demonstrate a deep architectural understanding of GCP and AWS.
- Container Security: Proven experience auditing and hardening managed container services (GKE Autopilot/Standard, EKS, ECS) and self-hosted/unmanaged workloads (K8s, k3s, OCI-runc).
- AI Tooling: Demonstrated ability to integrate AI/LLM tools (e.g., Gemini, Claude) into the pentesting lifecycle to increase speed and coverage.
- Web Application Security: Expert-level knowledge of web application security principles and offensive testing methodologies, with deep proficiency in OWASP Top 10 vulnerabilities, modern web framework exploitation, and API security (REST, WebSockets). Extensive hands-on experience conducting manual security assessments using Burp Suite Professional, OWASP ZAP, or similar tooling.
- Security Automation: Proficiency in Python, Go, or Bash to eliminate "toil."
- Infrastructure as Code: Solid grasp of Terraform and cloud-native deployment patterns.
Benefits:
- All employees may be eligible to become Menlo Security shareholders through eligibility for stock-based compensation grants, which are awarded to employees based on company and individual performance.
Similar Jobs
Junior Test Analyst
Junior Test Analyst at i4pro, focusing on testing functionalities and supporting bug resolutions. Engaging in project planning and automation script development for client solutions.
Lead, Supplier Quality Engineer
L3Harris seeks a Lead Supplier Quality Engineer supporting critical suppliers with aerospace materials. Responsibilities include leading quality performance and risk mitigation in complex supplier environments.
Associate Director, External QA – Finished Goods
Associate Director of External QA leading quality assurance initiatives in the pharmaceutical industry. Engaging with cross-functional teams to ensure compliance and quality standards are met.
Quality Assurance Inspector
Quality Assurance Inspector at Vista ensuring compliance with FAA standards in aircraft maintenance. Critical role in aviation safety through detailed inspections and documentation.
QA/UAT Tester
Mid-level QA/UAT Tester to ensure quality in property management software. Execute testing strategies within product development teams to validate features and enhance user experience.
Quality Assurance Manager
QA Manager responsible for evolving quality assurance function at Rentvine. Collaborating with Product and Engineering teams to ensure consistent and high-quality releases of property management software.
QA Analyst, Keeper App – Backend, Platform
QA Analyst focusing on backend quality assurance for Keeper’s enterprise applications. Testing APIs, validating data integrity, and ensuring performance in cloud environments.
Mid QA Engineer
QA Engineer ensuring quality across Rails API and React frontend in cloud-based dental practice solutions. Collaborating with engineers for test strategy and automation.
Senior QA, Validación de Datos, APIs, Migraciones
Analista QA Senior en NEORIS, garantizando la calidad de plataformas críticas. Responsable de validar datos y migraciones en entornos ágiles desde Colombia.
QA Engineer
QA Engineer at Deckers Brands ensuring exceptional user experience for UGG.com through rigorous testing and collaboration with cross-functional teams. Elevating digital quality standards while embracing diversity and inclusion.
Senior QA
Sênior QA responsible for structuring and executing automated test plans at EVT. Collaborating with multidisciplinary teams for quality improvement and participating in agile ceremonies.
Financial Aid Quality Assurance Specialist
Financial Aid Quality Assurance Specialist at National University conducting compliance reviews. Focusing on Federal Financial Aid compliance, student advising, and collaborating with university stakeholders.
Mid-Level QA & QC Engineer – 8 Months Contract
Midlevel QA & QC Engineer overseeing end-to-end testing and driving QA best practices. Involves designing strategies, executing tests, and mentoring QA teams.
Tester
Tester role focusing on product performance for the U.S. Department of Veterans Affairs. Involves designing test methods, compiling data, and reporting defects.
Regional Director – Quality Assurance, Monitoring
Regional Director of Quality Assurance and Monitoring for PACS ensuring regulatory compliance and documentation accuracy. Educating facilities on implementing operational best practices and procedures.
Senior Manager, Quality Assurance, Compliance
Senior Manager of Quality Assurance and Compliance overseeing quality and compliance at SCAN, a nonprofit health organization serving older adults in the US.
QA Analyst
Manual QA Engineer ensuring quality and performance of AdTech products for SBC Performance. Collaborating with developers and product managers to deliver high testing standards.
Mobile QA, Android & iOS Tester
Mobile Quality Analyst ensuring high-quality applications for B2B event tech startup. Collaborating with developers and creating comprehensive testing systems in a fully remote environment.
QA Specialist
Quality Assurance Specialist at NuScale handling development and maintenance of quality assurance programs for nuclear compliance. Ensuring adherence to standards and regulations in a collaborative environment.
QA Auditor/Inspector
QA Auditor / Inspector enforcing Contractor’s Quality Management System in OCONUS environments. Conducting quality audits and inspections to ensure compliance with contractual specifications and policies.