Sr Product Security Engineer
B
BeyondTrustCybersecurity
Remote United StatesFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years
- Required Skills
- AWSCI/CDLLM
Requirements
- 5+ years in Product Security, or Penetration Testing with direct hands-on testing and exploit development.
- Strong expertise in web application and API security (authentication, authorization, session management, cryptography, injection, deserialization, SSRF, privilege escalation).
- Proficiency with penetration testing tools like Burp Suite and manual exploit validation.
- Hands-on experience using LLM platforms (Claude, Codex, or similar) to build security testing workflows or develop exploits.
- Experience building custom security tooling such as fuzzers, scanners, or exploit frameworks.
- Strong understanding of common vulnerability classes (OWASP Top Ten, API Security Top Ten, CWE).
- Experience collaborating with defensive security teams (SOC, Cyber Defense, IR).
- Understanding of cloud security fundamentals (AWS) and CI/CD pipeline security.
- Strong communication skills for explaining complex exploitation chains and risk narratives.
Responsibilities
- Perform deep, context-aware penetration testing of web applications, APIs, endpoint agents, thick clients, identity systems, and cloud-native services.
- Build AI-powered threat hunting skills and fuzz factory plugins using Claude and Codex.
- Develop working proof-of-concept exploits for discovered vulnerabilities that demonstrate real impact.
- Validate vulnerabilities from all sources and deliver specific fix recommendations to engineering teams.
- Partner with Cyber Defense and Security Architects to translate offensive findings into detection signatures, monitoring rules, and runtime protections.
- Build and maintain AI-driven security testing tooling integrated into CI/CD pipelines.
- Participate in threat modeling exercises to identify abuse cases and map exploitation paths.
View Full Description & ApplyYou'll be redirected to the employer's site