Senior Application Analyst supporting and enhancing systems for the Safety, Environmental, Security, and O&M functions at Black & Veatch. Collaborating with business stakeholders for effective system performance and management.
About the role
- Offensive Security Engineer performing penetration testing and AI security evaluations in a global, flexible team environment. Requires extensive experience and knowledge of SaaS and AI security.
Responsibilities
- Work in a team-orientated, fast-paced, global, and flexible environment
- Perform penetration testing across our entire product and infrastructure
- Perform SaaS-based red team exercises with specific goal oriented objectives
- Continuously evolve your skills toward AI evaluation and knowledge based on emerging tactics, techniques and procedures related to AI agent vulnerabilities
- Collaborate with our AI Security, threat intelligence, threat monitoring and threat engineering teams to understand our threats, provide practical validations of threats and ensure our protections and incident response are continuously refined
- Provide actionable insights for our Product Development team regarding vulnerabilities
Requirements
- At least 7 years of professional experience in the field of offensive security.
- A strong knowledge of modern web application architecture and the vulnerabilities often associated with them.
- A strong knowledge of LLMs including their unique security threats, and how embedded vectors impact performance
- Proficiency in offensive security tooling such as a web proxy like Burp Suite, Nmap, Kali and a scripting language of your choice.
- Experience with AWS and its security features
- Experience with developing or testing AI systems at scale.
- Experience with AI Security tools (e.g., promptfoo, etc.)
- Experience with MacOS & Apple infrastructure and its security features
- 10+ years of professional experience in the field of offensive security
- Professional certifications related to offensive security, including but not limited to: OSCP, CEH, CPT, GPEN, OSCE, OSWP, OSWE, OSEE, OSDA, PNPT, CPENT, CRTO, GXPN
- Published vulnerabilities, bug bounty reputation or other contributions to the industry
- Talks, conference appearances or other professional event experience
Benefits
- flexible work arrangements
- professional development opportunities
- bonuses
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cybersecurity GRC Program Manager at EnerSys, leading cybersecurity compliance efforts. Collaborating with internal teams and auditors in a hybrid work environment.
Cybersecurity Technician at EnerSys safeguarding information system assets and ensuring compliance with cybersecurity frameworks. Involves monitoring threats and deploying security solutions.
Chargé(e) de mission sécurité at Bel ensuring safety regulations compliance and workplace risk assessments. Collaborating with teams to promote safety and manage safety documentation.
Cyber Security IT Intern at Crystal Dynamics contributing to AAA game development projects. Gain hands - on experience and develop industry - relevant skills in IT and Cyber Security.
Cloud Platform Security Governance specialist defining cloud governance frameworks at Deutsche Börse Group. Ensuring compliance and managing risks in cloud security and infrastructure.
Director of Cybersecurity responsible for assessing risks and implementing security solutions at Financeit. Collaborating with various teams to protect information in Canada and the US.
Senior Information Security Engineer handling cybersecurity incidents for Wells Fargo. Leading technical investigations and providing security consulting on medium projects for internal clients.
WF
Senior Lead Business Accountability Specialist driving risk management and security initiatives within Wells Fargo's enterprise functions. Engaging stakeholders to support complex risk mitigation and programs for financial services.
Cybersecurity Consultant focusing on Cloud Security and mitigation strategies for a client in Lisbon. Seeking to enhance the career path in cybersecurity within a supporting organization.