Lead Offensive Security Researcher

Italy (Flexible)

Applications have closed

Sysdig is driving the standard for securing the cloud and containers. We created Falco, the open standard for cloud-native threat detection, and consistently contribute to open source software projects.  We are passionate, technical problem-solvers, continually innovating and delivering powerful solutions to secure the cloud from source to run.

We value diversity and open dialog to spur ideas, working closely together to achieve goals. We’re an international company that understands how to cultivate a strong culture across a remote team. And we're a great place to work too — we've been named a Bay Area Best Place to Work by the San Francisco Business Times and the Silicon Valley Business Journal for three years now! We were recognized by Deloitte as one of the 500 fastest growing organizations in 2020 and 2021. We are looking for team members who have a passion for container and cloud security and are willing to dig deeper to help our customers. Does this sound like the right place for you?

What you will do

  • Lead Sysdig’s offensive security research efforts in Linux, Cloud, Kubernetes, and OSS. The successful candidate will lead penetration testing and vulnerability research activities for the Sysdig Threat Research Team.
  • With the assistance of the Sysdig Threat Research Team, help build a world-class offensive security program. Responsibilities will include identifying subjects to explore, developing processes and tools, and mentoring junior researchers.  
  • Perform vulnerability research and penetration testing on applications and services involved in the cloud ecosystem, such as IAM and authentication systems, code repositories and CI/CD facilities.
  • Share findings with public sources, including blogs, reports, webinars, and other activities.

What you will bring with you

  • 5+ years of experience as a penetration tester, red team, vulnerability researcher, or exploit developer
  • Experience performing penetration testing on cloud, containers, web applications, and OSS projects
  • Understanding of vulnerabilities including techniques, mitigations, and exploitation
  • Strong understanding of Cloud-native ecosystems and architectures, for example, Kubernetes
  • Programming experience in C, Python, Go, Javascript, or other modern languages
  • Ability to write your own purpose-built tooling to solve unique problems
  • Experience with penetration testing tools and frameworks, such as: BURP Suite, Metasploit, OWASP, Kali Linux, SQLMap, Atomic Red Team, and custom tools.

What we look for

  • A sense of ownership and drive to create a world class cloud-focused offensive security research program
  • Proven experience in attacking real-world applications or relevant participation in bug bounty programs
  • Track record of published write-ups or equivalent contributions in offensive security, with strong technical writing ability
  • Ability to set goals and come up with the process to reach them. The ideal candidate will be the Subject Matter Expert for offensive security at Sysdig
  • A candidate who is excited about building something from the ground up and who is passionate about finding security vulnerabilities

Why work at Sysdig?

  • We’re a well-funded startup that already has a large enterprise customer base
  • We have a pragmatic, transparent culture, from the CEO down
  • We have an organizational focus on delivering value to customers
  • Our open source tools (https://sysdig.com/opensource/) are widely used and loved by technologists & developers

When you join Sysdig, you can expect:

  • Competitive compensation including equity opportunities
  • Flexible hours and additional recharge days
  • Mental wellbeing support through Modern Health for you and your family
  • Monthly wellness reimbursement
  • Career growth

Some of our Hiring Managers are globally distributed, an English version of your most up to date CV will be highly appreciated!

#LI-SM1

#LI-Hybrid

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Burp Suite C CI/CD Cloud Exploit IAM JavaScript Kali Kubernetes Linux Metasploit Offensive security Open Source OWASP Pentesting Python Red team Threat detection Threat Research Vulnerabilities

Perks/benefits: Competitive pay Equity Flex hours Health care Startup environment Team events Wellness

Region: Europe
Country: Italy
Job stats:  20  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.