Perplexity02.04.2026

Member of Technical Staff (Offensive Security Engineer)

Полная занятостьУдалёнка

Обязанности

  • 01Plan and execute red team and purple team engagements simulating advanced threat actors across cloud infrastructure (AWS, Kubernetes), endpoints, and application surfaces
  • 02Conduct continuous penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services
  • 03Assess AI/ML-specific attack surfaces including prompt injection, model exfiltration, agent abuse, tool-use exploitation, and MCP security boundaries
  • 04Develop and maintain custom offensive tooling, exploits, and automation to improve the efficiency and coverage of security testing
  • 05Perform open-scope adversary simulations that test detection and response capabilities end to end, collaborating closely with the defensive security team
  • 06Drive threat modeling sessions with engineering teams to identify and prioritize attack vectors in new features and architectures
  • 07Deliver clear, actionable findings to both technical and executive audiences; partner with engineering to validate remediations
  • 08Contribute to the security of CI/CD pipelines, supply chain integrity, and secrets management through offensive assessment
  • 09Stay current on emerging attack techniques, vulnerability research, and adversary tradecraft; bring external perspective into Perplexity's security strategy

Требования

  • 015+ years of hands-on experience in offensive security, red teaming, or penetration testing
  • 02Deep technical expertise in at least two of: cloud security (AWS/GCP/Azure), web/API application security, Kubernetes and container security, macOS/Linux endpoint security, network penetration testing, or CI/CD pipeline security
  • 03Track record of discovering impactful vulnerabilities or developing novel attack techniques in production environments
  • 04Strong programming and scripting skills in Python, Go, or similar languages; comfortable writing custom tooling and exploits
  • 05Experience with industry-standard offensive tools (Burp Suite, Cobalt Strike / Sliver / Mythic, Metasploit, BloodHound, nuclei, etc.) and ability to operate beyond them
  • 06Excellent written and verbal communication; able to translate complex technical findings into clear risk narratives
  • 07Experience assessing AI/ML systems, LLM applications, or agentic workflows for security vulnerabilities