Staff Offensive Security Engineer- Cloud and Infrastructure
Remote - US
Full Time Senior-level / Expert USD 161K - 252K
Who we are
Samsara (NYSE: IOT) is the pioneer of the Connected Operations™ Cloud, which is a platform that enables organizations that depend on physical operations to harness Internet of Things (IoT) data to develop actionable insights and improve their operations. At Samsara, we are helping improve the safety, efficiency and sustainability of the physical operations that power our global economy. Representing more than 40% of global GDP, these industries are the infrastructure of our planet, including agriculture, construction, field services, transportation, and manufacturing — and we are excited to help digitally transform their operations at scale.
Working at Samsara means you’ll help define the future of physical operations and be on a team that’s shaping an exciting array of product solutions, including Video-Based Safety, Vehicle Telematics, Apps and Driver Workflows, Equipment Monitoring, and Site Visibility. As part of a recently public company, you’ll have the autonomy and support to make an impact as we build for the long term.
Recent awards we’ve won include:
Great Place To Work Certified™ 2023
Best Place to Work by Built In 2023
Financial Times The Americas’ Fastest Growing Companies 2023
Deloitte Fast 500 Companies
IoT Analytics Company of the Year in 2022’s IoT Breakthrough Winners
We see a profound opportunity for data to improve the safety, efficiency, and sustainability of operations, and hope you consider joining us on this exciting journey.
We’re seeking a talented Staff Offensive Security Engineer with hands-on offensive cloud and infrastructure security experience. The right candidate will be knowledgeable, passionate about finding security threats, energetic, and thrive in a fast-paced environment. You’ll work alongside technical product managers and security engineers passionate about building highly scalable products. Your offensive security contributions will be critical to shaping our overall security and compliance strategy.
You should apply if:
- You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on, get food into grocery stores, reduce emissions, and, most importantly, ensure workers return home safely.
- You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development and countless opportunities to experiment and master your craft in a hyper-growth environment.
- You’re energized by our opportunity: Our vision to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
- You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best.
Click here to learn about what we value at Samsara.
In this role, you will:
- Propose and lead penetration testing plans and offensive security exercises for different components of the product stack. Prove and document the exploitation of high-complexity security issues.
- Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weaknesses
- Design controls and improvements to sharpen our capabilities to defend against attackers in close cooperation with the teams responsible for implementing them.
- Document and present results to various target audiences, ranging from highly technical engineers over non-technical subject matter experts to executive leadership.
- Perform technical security assessments, code audits, design reviews, and Red team exercises.
- Contribute to developing tools and automation programs, security analysis, and testing automation projects.
- Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, and Win as a Team) as we scale globally and across new offices
Minimum requirements for the role:
- Ability to scope engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
- Report generation that clearly communicates testing and assessment details, results, and remediation recommendations
- Significant (8+ years) experience working in offensive/red team security
- Willingness to collaborate and mentor security engineers via documentation writing, code pairing, and other activities.
An ideal candidate also has the following:
- Hands-on practical Offensive Cybersecurity certifications (Sec+, OSCP, OSWE, eJPT, Pentest+, eCPPT, eWPT, GIAC, etc.) or equivalent.
- Cloud certifications (CCP, SAA, SAP, AWS Security Specialty, etc.) or equivalent.
- Strong programming skills; GO, C++, C#, Java, and/or object-oriented programming.
- Embedded Linux experience a plus
At Samsara, we welcome everyone regardless of their background, race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, etc. We depend on the unique approaches of our team members to help us solve complex problems. We are committed to increasing diversity across our team and ensuring that Samsara is a place where people from all backgrounds can make an impact.
Samsara is an inclusive work environment, and we are committed to ensuring equal opportunity in employment for qualified persons with disabilities. Please email email@example.com or click here if you require any reasonable accommodations throughout the recruiting process.
Full time employees receive an above market total compensation package along with employee-led remote and flexible working, health benefits, Samsara for Good charity fund, and much, much more. Take a look at our Benefits site to learn more.
At Samsara, we have adopted a flexible way of working, enabling teams and individuals to do their best work, regardless of where they’re based. We value in-person collaboration and know a change of scenery and quiet space to work is welcomed from time to time, but also appreciate that the world of work has changed. Our offices remain open for those who prefer to collaborate or work in-office, but we also encourage fully remote applicants. As most roles are not required to be in the office, we are able to hire remotely where Samsara has an established presence. If a role is required to be in a certain location and candidates do not have work authorization for that location, Samsara will conduct an immigration assessment. If the role is not required to be in a specific location, Samsara will move forward with the remote location that works best for the business. All offers of employment are contingent upon an individual’s ability to secure and maintain the legal right to work at the company.
Please note: Samsara does not accept agency resumes and is not responsible for any fees related to unsolicited resumes. Please do not forward resumes to Samsara employees.
Tags: Analytics Audits Automation AWS C Cloud Compliance eWPT Exploit GCP GIAC Internet of Things Java Linux Monitoring Offensive security OSCP OSWE PaaS Pentesting Red team SaaS SAP Security analysis Security assessment Strategy Vulnerabilities
Perks/benefits: Career development Flex hours Health care Home office stipend Salary bonus Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Operations Analyst jobs
- Open Senior SOC Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open SOC Analyst jobs
- Open Staff Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Manager Pentest H/F jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open IT Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open IT Security Specialist jobs
- Open Infosec Risk Manager jobs
- Open Cyber Program Manager jobs
- Open o365 Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Staff Information Security Engineer jobs
- Open Cyber Hunt SME jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Security Operations Engineer jobs
- Open Agile-related jobs
- Open SIEM-related jobs
- Open GCP-related jobs
- Open Clearance-related jobs
- Open Risk assessment-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Java-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open Kubernetes-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs
- Open Cryptography-related jobs
- Open CISA-related jobs
- Open Encryption-related jobs