Senior Offensive Security Engineer (IoT)

Company Overview: 

At Praetorian, we are bringing together the world's brightest minds in pursuit of solving the cybersecurity problem by reducing the friction of security and enabling the next wave of technological innovation. From projects that range from cryptocurrency exchanges to autonomous vehicles and from medical device platforms to space telescopes, we apply expertise and engineering to help secure our customers.

Explore our exciting New Hire Survival Guide to dive into Praetorian's mission, vision, values, and culture! Discover our competitive benefits and perks we offer.

Career Opportunity:

• Join an industry with massive socio, economic, and political importance in the 21st century
• Work alongside some of the best and the brightest minds in the security industry
• Work with prominent clients and help them solve hard security problems
• Leave an indelible mark on a company where individual input has real impact
• Align your career trajectory with a hyper-growth company that is on the move

Core Responsibilities:

• Provide technical execution on challenging offensive security projects focused on IoT Security for our customers
• Identify nuanced vulnerabilities in advanced systems
• Develop custom methodologies, payloads, exploits, and tools to ensure project success
• Develop documentation for novel mitigation strategies to emerging or undocumented security risks identified in client environments
• Develop comprehensive reports and presentations for our customers
• Serve as a mentor to other engineers in their technical and professional development
• Collaborate with the security community to develop novel attack techniques, tactics, and procedures (TTPs) through Praetorian’s Security Blog and other forms of community engagement

Desired Qualifications:

• Demonstrated passion for offensive security and adversarial engineering
• 2+ years of IoT security experience in one or more cross-functional areas: hardware or software reverse engineering, firmware analysis, embedded cryptography, wireless protocols, glitching/side-channel analysis, or IoT PaaS security
• Additional experience in at least 3 of the following:
  • Product Security Testing (Application, Mobile, LLM)
  • Network Security Testing and/or Red Team
  • Web Application Penetration Testing
  • Cloud Security (AWS, Azure, GCP)
  • Secure Code Review
  • Reverse Engineering 
  • Vulnerability Research/ Exploit Development
• Understanding of threat models, attack paths and intelligence considerations within the scoping of technical projects 
• Ability to write technical reports and present technical findings both internally and externally
• Experience with startup and/or high-tech companies

+1 Qualifications:

• Prior security consulting experience a major plus
• Software development experience in core offsec languages such as golang or python
• Capture-the-flag, CCDC, CPTC or other security related competitions
• Ranked achievements on testing platforms such as Hack the Box, Tryhackme, Portswigger and similar 
• Track record in vulnerability research, exploit development, and CVE assignments
• Demonstrated open source contribution with git commits to popular offsec projects
• Security community experience via presentations, conference attendance, blogs, white papers and similar 
• PNPT, BSCP, OSCP, OSWE, OSCE, OSEP, OSED, CRTO, cloud certifications and similar 
• Bachelors degree in computer science, computer engineering, mathematics, or physics

Desired Behaviors:

• Fanatical passion for cybersecurity and the challenges it presents
• Customer centric focus with an obsessive need to wow and delight each client
• Ability to maintain high levels of output and work ethic
• Personable individual who enjoys working in a team-oriented environment
• Self-starter and independent learner that is able to spin up quickly

Compensation & Benefits:

• Competitive salary
• Equity Incentive Plan, offering ownership stakes in the company
• Continuous learning opportunities through our internal Learning & Development (L&D) program, including training, certifications, and conferences to support your career growth
• Recognition and rewards for speaking engagements at industry events and conferences
• Comprehensive health and dental insurance coverage
• Immediate 401(k) matching
• Paid maternity and paternity leave

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

We are committed to an inclusive and diverse Praetorian.  We are an equal opportunity employer.  We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.