Job Description
What You’ll Be Doing :
– Third-Party Penetration Test Management : Act as the primary point of contact for our third-party penetration testing providers.
You will manage the entire lifecycle of these engagements, from scoping and scheduling to triaging, validating, and documenting findings.
Your efforts will ensure that we maximize the value of these assessments and that all identified vulnerabilities are properly addressed.
– Internal Penetration Testing : Plan and execute internal penetration tests against Bazaarvoice’s diverse portfolio of applications, infrastructure, and cloud environments.
You will simulate real-world attack scenarios to uncover potential security weaknesses before they can be exploited by malicious actors.
– Security Champion and Advisor : Serve as a subject matter expert in offensive security for our internal teams.
You will help to foster a culture of security by providing technical guidance, sharing your expertise, and helping developers understand and address vulnerabilities.
– Tooling and Automation : Research, evaluate, and implement tools and automation to enhance our offensive security capabilities and streamline our testing processes.
– Bug Bounty Program Management : Develop, manage, and continuously improve the company’s Bug Bounty Program.
This includes defining scope, managing researcher submissions, coordinating validation and remediation efforts, and ensuring timely communication and reward payouts to the security research community.
Success in this role looks like : A measurable decrease in high-severity external vulnerability findings, a well-managed and active Bug Bounty program, and tangible security improvements driven by internal pen-test findings.
Required Skills And Experience :
– 5+ years of hands-on experience in an offensive security role, such as penetration testing, red teaming, or vulnerability assessment.
– Mandatory: strong experience in AWS security assessments.
– Demonstrated experience in managing the lifecycle of penetration testing engagements, including scoping, vendor management, and finding remediation.
– Proven ability to perform manual penetration tests of web applications, APIs, and cloud infrastructure (AWS, Azure, or GCP), with a strong focus on AWS security assessments.
– Strong understanding of common vulnerability classes (OWASP Top 10) and the ability to articulate their impact and remediation.
– Proficiency in at least one scripting language (e.g., Python, Go, Bash) to automate tasks and develop custom tools.
– Excellent written and verbal communication skills, with the ability to effectively communicate complex technical concepts to both technical and non-technical audiences.
– A collaborative and team-oriented mindset, with a proven ability to work effectively with cross-functional teams.
Desired Skills And Experience :
– Offensive security certifications such as OSCP, OSWE, GPEN, or GWAPT.
– Experience with a variety of security tools and frameworks (e.g., Burp Suite Pro, Caido, OWASP ZAP, Metasploit, Nmap).
– Experience in a Security Development Lifecycle (SDL) environment and familiarity with DevSecOps principles.
– Experience with bug bounty program management or participation.