Offensive Security Engineer
Mountain View, CA
BE PART OF BUILDING THE FUTURE.
Since our founding in 2009, Pure Storage has empowered innovators to build a better world with data. In less than eight years, Pure reached $1B in sales, faster than nearly every enterprise company in history, and our incredible growth continues to outpace the competition.
Our mission? Give technologists their time back by delivering a modern data experience that empowers organizations to run their operations as a true, automated, storage as-a-service model seamlessly across multiple clouds.
The secret sauce? More than 3,000 team members (and growing!) around the world who join forces to invent the next big thing. And then the next one.
We’ve only scratched the surface of our ambitions, and as we continue to gobble up market share, we’re blazing trails and setting records:
- For seven straight years, Pure has been named a leader in the Gartner Magic Quadrant (five years in the MQ for Solid-State Arrays, and two in the newly created MQ for Primary Storage).
- Our customer-first culture and unwavering commitment to innovation have earned us a 2020 Medallia Net Promoter Score, certified by Owen CX, in the top 1% of B2B companies.
If you, like us, say “bring it on” to exciting challenges that change the world, we have endless opportunities where you can make your mark.
SHOULD YOU ACCEPT THIS CHALLENGE...
About the Role
Working closely with security operations, internal development teams, and the product R&D teams to identify security issues, this role uses various offensive security methods (atomic testing, adversary emulation, penetration testing) to identify vulnerabilities in networks and systems. Additionally, the offensive security function will test and validate deployed detective and defensive capabilities deployed to protect business processes and the enterprise network.
You may Reference The Fine Manual, but only as a starting point so you can quickly go out of bounds and better uncover the unexpected. When you were younger, you got in trouble for taking apart small appliances and didn’t get the deserved credit for improvements as you re-imagined them.
DEFCON is your Summer Home and Python is your Swiss Army knife .
Required Skills and Responsibilities
- Experience in project or program management in a fast-paced environment
- 3-5 yrs. experience in Red Teaming, penetration testing, systems analysis, or similar
- Advanced understanding of digital communications and Information Technology standards and security trends
- A penchant for documenting established processes and procedures in order to add a level of consistency to an ad-hoc, chaotic environment
- Inquisitive, analytical, imaginative, intelligent, strategic, logical, self-aware, curious, and open-minded
- Desire to learn and grow your skills while working with a diverse team
- Ability to educate and train others
- Strong communications skills in order to foster and support effective partnerships with key groups, stakeholders, and individuals
- Ability to effectively communicate – specifically, threats, vulnerabilities, and risks to key clientele who may not initially understand the security discipline
WHAT YOU’LL NEED TO BRING TO THIS ROLE...
- 5+ years of offensive security experience
- Familiarity with -but not a reliance upon- the tools and scripts in pentesting collections like Kali
- Experience using Dradis
- Familiarity with the MITRE ATT&CK framework and mapping techniques and procedures to defensive operations
- Experience with application security testing tools such as Burp Suite, Dradis, Nmap or Metasploit
- A good understanding of containerization technologies and high comfort level running applications as Docker containers or in a Kubernetes cluster environment
- Understanding and identification of the OWASP Top 10 vulnerabilities
- Knowledge of Secure SDLC frameworks
- Experience with DAST and SAST technologies
- Experience with deploying or managing workloads in AWS
- Experience in performing Purple Team engagements
- Experience on the Blue Team side of information security
- Experience in IT operations
- Security certifications such as GWAPT, Offensive Security, CISSP, CISM or GIAC
This position will start remote, with the expectation to frequently work onsite at our Mountain View, CA office once employees return to the office.
BE YOU—CORPORATE CLONES NEED NOT APPLY.
Pure is where you ask big questions, think differently, and make an impact. This is not just a job, but a place where you have a voice and can accelerate your career. We value unique thoughts and celebrate individuality, and with ample opportunity to learn, develop yourself, and expand into different roles, joining Pure is an investment in your career journey.
Through our Pure Equality program, which supports a flourishing field of employee resource groups, we nourish the personal and professional lives of our team members. And our Pure Good Foundation gives back to local and global communities through volunteering and grants.
And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events.
PURE IS COMMITTED TO EQUALITY.
Research shows that in order to apply for a job women feel they need to meet 100% of the criteria while men usually apply after meeting about 60%. You don't have to meet all the job requirements. If you believe you can do the job and are a good match, we encourage you to apply.
Pure is proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire.
If you need assistance or an accommodation due to a disability, you may contact us at TA-Ops@purestorage.com.
APPLICANT & CANDIDATE PERSONAL INFORMATION PRIVACY NOTICE.
If you're wondering how or why Pure collects or uses information you provide, we invite you to check out our Applicant & Candidate Personal Information Protection Notice.
DEEMED EXPORT LICENSE NOTICE.
Some positions may require a deemed export license for compliance with applicable laws and regulations. Please note: Pure does not currently sponsor deemed export license applications so we are unable to proceed with applicants requiring stated sponsorship.
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Senior Penetration Tester Jobs
- Open IT Security Engineer Jobs
- Open SOC Analyst Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Information Security Officer Jobs
- Open Vulnerability Analyst Jobs
- Open Principal Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Engineer Jobs
- Open Information Security Architect Jobs
- Open Personnel Security Officer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Staff Security Engineer Jobs
- Open Senior Information Security Analyst Jobs
- Open Infrastructure Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open DevOps Security Engineer Jobs
- Open Senior Incident Response Analyst Jobs
- Open Computer Forensic Software Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open IAM Engineer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Incident Response Manager Jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open NIST-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Machine Learning-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open Encryption-related jobs
- Open HIPAA-related jobs
- Open DevSecOps-related jobs
- Open Cryptography-related jobs
- Open Unix-related jobs
- Open TCP/IP-related jobs
- Open PowerShell-related jobs
- Open DNS-related jobs