Offensive Security Engineer

Offensive Security Engineer page is loaded

Apply locations Palo Alto, CA New York City, NY San Jose, CA Bastrop, TX time type Full time posted on Posted 30+ Days Ago job requisition id R100990 Role: Offensive Security Engineer
Location: Palo Alto, CA, San Jose, CA, New York City
Salary Range: $162,000 - $297,000 + Equity

_

At X, we're on a mission to revolutionize digital interaction and create the Everything App. Our platform is a space where people can connect, share ideas, and engage in meaningful conversations.

We’re looking for a talented and security-driven Offensive Security Engineer to join our team and help us bring our vision to life.

Who We Are:

The Offensive Security Team is responsible for identifying vulnerabilities and strengthening the security posture across X properties, including X Social and X Money. This role will focus on reviewing source code, identifying security flaws, and developing exploits to test internal systems. The candidate will also work closely with X’s bug bounty program.

What You’ll Do:

In this role, you’ll be responsible for executing offensive security assessments and penetration testing strategies. You’ll work closely with development and security teams to uncover vulnerabilities and improve security resilience. Your role will include:

• Reviewing source code to identify common application vulnerabilities.

• Writing functional exploits for newly discovered vulnerabilities.

• Leveraging existing tools and developing custom offensive security scripts.

• Engaging with the bug bounty program to validate and remediate vulnerabilities.

• Performing penetration tests on internal systems.

• Automating baseline red team activities based on the environment and code base.

• Identifying and exploiting container vulnerabilities.

Who You Are:

You are a highly skilled Offensive Security Engineer with deep expertise in application security, penetration testing, and exploit development. You have strong analytical skills and the ability to think like an adversary. The ideal candidate will also have:

• Strong software development skills in Scala, Python, Go, or similar languages .

• Advanced understanding of secrets and key management.

• Deep knowledge of authentication and authorization security mechanisms.

• Experience identifying vulnerabilities such as SSRF, data validation errors, injection attacks, and authentication race conditions.

• The ability to automate red team activities efficiently.

• Expertise in identifying and exploiting container vulnerabilities.

Nice to Have:

• Bachelor's degree in Computer Science or equivalent experience.

• OSCP Certification.

• SANS SEC565: Red Team Operations and Adversary Emulation.

• SANS SEC588: Cloud Penetration Testing.

At X, our small but fast-paced team values innovation and creativity. You'll have the opportunity to make a significant impact on the future of X and our aspiration to build the Everything App. If you thrive in a dynamic, high-growth tech environment and relish the opportunity to collaborate with passionate, driven over-achievers, your career with us here at X will be both exhilarating and fulfilling.

Apply now to join our team!

locations 4 Locations time type Full time posted on Posted 30+ Days Agolocations 4 Locations time type Full time posted on Posted 30+ Days Agolocations 4 Locations time type Full time posted on Posted 30+ Days Ago

Chat with our Recruiting team to learn more about available roles and opportunities at X.

We build the world's most trusted public town square—and we pride ourselves on our commitment to protecting free speech within the boundaries of the law. Beyond that, we aim to increase unregretted user minutes on our platform, and make it the best place on the internet for creators to share content and make money.