Senior Offensive Security Engineer
Confirmed live in the last 24 hours
Everett, MA, USA
- 3+ years of experience in multiple offensive security engineering disciplines (red teaming, penetration testing, fuzz testing, etc.)
- Previous SOC analyst responsible for responding to security events
- Experience using open source and commercial scanners / exploit tools such as Burp / Nessus / OWASP ZAP as a reconnaissance tool
- Use of reconnaissance open source data such as Shodan, DNS Dumpster, Haveibeenpwned
- Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries for actioning on identified security risks
- Experience monitoring and triaging inbound security alerts within a ticketing system such as Jira, determining risk, and working with owners to mitigate risk and detect future exploitation attempts. (level 2-3 security analyst)
- Experience With - VPC / EC2 / Security Groups / ACLs / IAM
- Experience working with and attacking / testing AWS deployed resources
- Substantial scripting or developing in Python during the past 2 years
- Experience developing red team tools or exploitations
- Experience automating exploit testing and repetitive tasks
- Partner with Engineering, Product, IT, and other business functions to drive security improvement across the organization
- Research emerging attack vectors, vulnerabilities and techniques
- Utilize your offensive skills to build defenses against those who may point their attacks at Klaviyo
- Emulate adversaries by attacking user endpoints, cloud platforms, cloud systems, etc
- Collaborate closely with detection engineers to build high fidelity alerting based on emerging attack vectors and tactics, techniques and procedures
- Actively participate in purple-team exercises to mature the security program
- Triage and respond to incoming security alerts related to corporate and production systems
Growth marketing customer platform
Klaviyo's missions is to help companies retain customers and maximize their ROI. Klaviyo’s data–proven customer platform allows companies to send relevant, well–timed emails and SMS that increase lifetime values.
- We always put our customers first.
- We are always learning.
- We strive to make the world more equitable.
- We collaborate radically.
- We are ambitious.
- We are remarkable.