Perplexity02.04.2026
Member of Technical Staff (Offensive Security Engineer)
Полная занятостьУдалёнка
Обязанности
- 01Plan and execute red team and purple team engagements simulating advanced threat actors across cloud infrastructure (AWS, Kubernetes), endpoints, and application surfaces
- 02Conduct continuous penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services
- 03Assess AI/ML-specific attack surfaces including prompt injection, model exfiltration, agent abuse, tool-use exploitation, and MCP security boundaries
- 04Develop and maintain custom offensive tooling, exploits, and automation to improve the efficiency and coverage of security testing
- 05Perform open-scope adversary simulations that test detection and response capabilities end to end, collaborating closely with the defensive security team
- 06Drive threat modeling sessions with engineering teams to identify and prioritize attack vectors in new features and architectures
- 07Deliver clear, actionable findings to both technical and executive audiences; partner with engineering to validate remediations
- 08Contribute to the security of CI/CD pipelines, supply chain integrity, and secrets management through offensive assessment
- 09Stay current on emerging attack techniques, vulnerability research, and adversary tradecraft; bring external perspective into Perplexity's security strategy
Требования
- 015+ years of hands-on experience in offensive security, red teaming, or penetration testing
- 02Deep technical expertise in at least two of: cloud security (AWS/GCP/Azure), web/API application security, Kubernetes and container security, macOS/Linux endpoint security, network penetration testing, or CI/CD pipeline security
- 03Track record of discovering impactful vulnerabilities or developing novel attack techniques in production environments
- 04Strong programming and scripting skills in Python, Go, or similar languages; comfortable writing custom tooling and exploits
- 05Experience with industry-standard offensive tools (Burp Suite, Cobalt Strike / Sliver / Mythic, Metasploit, BloodHound, nuclei, etc.) and ability to operate beyond them
- 06Excellent written and verbal communication; able to translate complex technical findings into clear risk narratives
- 07Experience assessing AI/ML systems, LLM applications, or agentic workflows for security vulnerabilities