KPMG LLPSenior Specialist, MAST Application Penetration Tester KPMG LLPSenior Specialist, MAST Application Penetration TesterSeattle, WAFull timeOne or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA). If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
KPMG LLPSenior Specialist, Web Application Penetration Tester KPMG LLPSenior Specialist, Web Application Penetration TesterSeattle, WAFull timeOne or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA). If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
KPMG LLPSenior Specialist, AI Penetration Tester KPMG LLPSenior Specialist, AI Penetration TesterSeattle, WAFull timeDemonstrate AI penetration testing findings to technical and non-technical audiences, including live demos, and collaborate with engineering, development, and security teams to lead remediation discussions and advise on secure AI model development and deployment best practices. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
KPMG LLPManager, Cyber Assessment (Penetration Testing) KPMG LLPManager, Cyber Assessment (Penetration Testing)Seattle, WAFull timeExperience with common and emerging security threats, scanning tools, and assessment methodologies and demonstrated experience and understanding of security principles, IT security controls and related technologies and products; strong verbal/written communication, problem solving, analytical and independent judgment skills to support an environment driven by customer service and teamwork. Bachelor's degree from an accredited college or university is preferred; minimum of a high school diploma or GED is required; relevant certifications such as GPEN, OSCP, OSCE, CISSP, or similar are highly preferred; Certifications in Azure a plus.
KPMG LLPLead Specialist, Application Penetration Testing Manager KPMG LLPLead Specialist, Application Penetration Testing ManagerSeattle, WAFull timeQualifications: Minimum five years of recent experience working with using application penetration tools to perform security tests such as AppScan, Netsparker, Acunetix, ZAP, Veracode, BurpSuite or equivalent; minimum five years of recent experience working with technical and non-technical audiences in reporting results and leading remediation conversations; minimum five years of recent experience leading application security testing teams in a consulting environment. Partner with the Cyber teams to develop new testing techniques, automation for testing and marketing collateral to support the practice, mentor onshore and offshore team members on tools and techniques in performing testing; operate as a mentor and people leader to foster career growth amongst team members.
KPMG LLPSpecialist, Security Tester KPMG LLPSpecialist, Security TesterSeattle, WAFull timeMinimum one year of recent experience performing application and/or network penetration tests using tools such as AppScan, NetsSparker, Acunetix, BurpSuite, OWASP ZAP, Tenable Nessus, Qualys, Kali Linux, Metasploit, or equivalent; minimum one year of recent experience working with technical and non-technical audiences in reporting results and leading remediation conversations. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
ASM Research, An Accenture Federal Services CompanyNewPenetration Tester / Security Assessor ASM Research, An Accenture Federal Services CompanyPenetration Tester / Security AssessorOlympia, WA$90,000–$109,000 / yearCompensation Ranges** Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate data and cyber security risks.
SmartsheetSenior Security Engineer II, Application Security SmartsheetSenior Security Engineer II, Application SecurityBellevue, WA$175,000–$245,000 / yearFull timeSecure AI Systems and Use AI to Scale Security: Conduct security reviews and threat modeling of AI-integrated product features (LLM workflows, agentic pipelines, model APIs) with working knowledge of AI-specific risk classes including prompt injection, model manipulation, and runtime control gaps; and in parallel, deploy AI and automation as a force multiplier by building tooling, pipelines, and integrations that extend the team's reach, accelerate triage, and drive risk visibility at a scale manual effort alone cannot achieve. Run Bug Bounty Operations: Serve as the expert validation layer for Smartsheet's bug bounty program, reproducing and assessing complex, multi-step researcher submissions requiring authenticated context and deep platform knowledge, making defensible severity and payout decisions, and owning program operations including researcher engagement, metrics, and continuous improvement.
Benton PUDIT Security Engineer II or III Benton PUDIT Security Engineer II or IIIKennewick, WA$107,232–$168,508 / yearFull timeMonitor, audit, and execute security controls and tools to maintain network security by identifying potential security issues to include performing network security threat/impact assessments and scans, recommending security measures, installing and monitoring security devices, and installing patches, and updates as needed; lead mitigation efforts to remediate discovered security deficiencies. Perform or lead vulnerability assessments, security risk assessments, system audits and penetration testing activities to test and audit existing or proposed systems, networks, functions or software: recommend changes in identified design gaps; and lead remediation or mitigation efforts.
Ampcus, IncSecurity Engineer IV Ampcus, IncSecurity Engineer IVSeattle, WAFull timeYou will evaluate System-on-a-Chip (SoC) security features including secure boot implementation, fault injection protection, secure key storage, anti-rollback mechanisms, cryptographic key management, and debug interface restrictions. You will work at the intersection of hardware design, security engineering, and manufacturing processes to deliver secure, reliable products to millions of customers worldwide.
AMAZON.COM SERVICES LLCSecurity Engineer II - AMZ10108414 AMAZON.COM SERVICES LLCSecurity Engineer II - AMZ10108414Seattle, WA$159,300–$202,400 / yearFull timeMust have one year of experience in the following skill(s): (1) application and infrastructure information security; (2) application of threat modeling or other risk identification techniques; (3) knowledge of system security vulnerabilities and remediation techniques, including penetration testing, source code review, configuring advanced runtime and static vulnerability testing tools and the development of exploits; (4) programming in Java, C, C++, Perl, Ruby or Python; and (5) coordinating responsibility of technical security tasks. Provide frontline support for all information security related issues, such as penetration testing, network and service configuration, advising on security policy compliance, handling data confidentiality issues, and monitoring and responding to emerging threats.
AMAZON.COM SERVICES LLCNewSecurity Engineer II - AMZ9675247 AMAZON.COM SERVICES LLCSecurity Engineer II - AMZ9675247Seattle, WA$159,300–$202,400 / yearFull timeMust have one year of experience in the following skill(s): (1) application and infrastructure information security; (2) application of threat modeling or other risk identification techniques; (3) knowledge of system security vulnerabilities and remediation techniques, including penetration testing, source code review, configuring advanced runtime and static vulnerability testing tools and the development of exploits; and (4) coordinating responsibility of technical security tasks. Provide frontline support for all information security related issues, such as penetration testing, network and service configuration, advising on security policy compliance, handling data confidentiality issues, and monitoring and responding to emerging threats.
AMAZON.COM SERVICES LLCNewSecurity Engineer III - AMZ9787479 AMAZON.COM SERVICES LLCSecurity Engineer III - AMZ9787479Seattle, WARemote$179,234–$226,700 / yearFull timeMust have five years of experience in the following skill(s): (1) experience with system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits; (2) experience with security engineering practices, including all of the following: (a) web application security, (b) network security, (c) authentication and authorization protocols, (d) cryptography, and (e) automation; (3) experience with dynamic and manual code auditing to identify security issues; (4) programming in Java, C, C++, Perl, Ruby or Python; and (5) application of threat modeling or other risk identification techniques. Bachelor's degree or foreign equivalent degree in Computer Science, Engineering, Information Technology, Cybersecurity, Mathematics or a related field and five years of experience in the job offered or a related occupation.
Amazon.com Services LLCNewSecurity Engineer II - AMZ9675347 Amazon.com Services LLCSecurity Engineer II - AMZ9675347Seattle, WA$159,300–$202,400 / yearFull timeMust have one year of experience in the following skill(s): (1) application and infrastructure information security; (2) application of threat modeling or other risk identification techniques; (3) knowledge of system security vulnerabilities and remediation techniques, including penetration testing, source code review, configuring advanced runtime and static vulnerability testing tools and the development of exploits; (4) programming in Java, C, C++, Perl, Ruby or Python; and (5) coordinating responsibility of technical security tasks.100% telecommuting permitted, work may be performed from anywhere in the U.S. Provide frontline support for all information security related issues, such as penetration testing, network and service configuration, advising on security policy compliance, handling data confidentiality issues, and monitoring and responding to emerging threats.
AMAZON.COM SERVICES LLCNewSecurity Engineer III - AMZ9081355 AMAZON.COM SERVICES LLCSecurity Engineer III - AMZ9081355Seattle, WA$179,234–$226,700 / yearFull timeMust have four years of experience in the following skills: (1) experience in product or application security and incident response; (2) programming in modern languages including Python, Java, Go, TypeScript, or equivalent; (3) experience with AWS services, cloud security, and service-oriented architectures; (4) working with Authentication/Authorization (SAML/OIDC) protocols and network and web protocols (TCP/IP, UDP, IPSEC, HTTP, and HTTPS); (5) experience in threat modeling, secure design reviews, and penetration testing; (6) Experience in security detection engineering, threat hunting, and incident response; (7) Experience with implementing proactive security practices; and (8) developing and implementing security detections in cloud environments. Design, implement, and maintain scalable security solutions, including automated testing frameworks and continuous monitoring systems using Python, Go, or other relevant languages.
AMAZON DEVELOPMENT CENTER U.S., INC.,Security Engineer II - AMZ9956929 AMAZON DEVELOPMENT CENTER U.S., INC.,Security Engineer II - AMZ9956929Seattle, WA$159,300–$202,400 / yearFull timeMust have one year of experience in the following skill(s): (1) application and infrastructure information security; (2) application of threat modeling or other risk identification techniques; (3) knowledge of system security vulnerabilities and remediation techniques, including penetration testing, source code review, configuring advanced runtime and static vulnerability testing tools and the development of exploits; (4) programming in Java, C, C++, Perl, Ruby or Python; and (5) coordinating responsibility of technical security tasks. Provide frontline support for all information security related issues, such as penetration testing, network and service configuration, advising on security policy compliance, handling data confidentiality issues, and monitoring and responding to emerging threats.
OpenAI Inc.Security Engineer, Application Security OpenAI Inc.Security Engineer, Application SecuritySeattle, WA$260,000–$385,000 / yearFull timeFor unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage; return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment; and maintain the confidentiality of proprietary, confidential, and non-public information. As a Security Engineer, Application Security you will be responsible for identifying and mitigating security vulnerabilities within software applications through building security tools, code reviews, penetration testing, and security assessments.
OpenAI Inc.Offensive Security Engineer, Agent Security OpenAI Inc.Offensive Security Engineer, Agent SecuritySeattle, WA$347,000–$490,000 / yearFull timeFor unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage; return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment; and maintain the confidentiality of proprietary, confidential, and non-public information. This role isn't your typical red team job - it's an opportunity to engage broadly and deeply, craft innovative attack simulations, collaborate closely with defensive teams, and influence strategic security improvements across the organization.
PresidioSecurity Practice Lead (Nationwide) PresidioSecurity Practice Lead (Nationwide)Seattle, WAFull timeThis individual's primary responsibility is to act as subject matter expert for Presidio's Cybersecurity Solutions, driving overall Cybersecurity service (consulting and vSOC) and product (market leading OEM's/ISV's) revenue, and leading Cybersecurity field enablement in region by working closely with the broader Presidio Sales and Engineering organization. Presidio's expert technical team develops custom applications, provides managed services, enables actionable data insights and builds forward-thinking solutions that drive strategic outcomes for clients globally.
Cambia Health SolutionsIAM Security Architect Cambia Health SolutionsIAM Security ArchitectBurlington, WAFull timeWhat You Bring to Cambia: Qualifications: The Security Architect would have a Bachelor's degree in computer science, engineering or a related/relevant field with an advanced degree preferred plus ten years in IT with a minimum of two years in Information Security, two years of technical leadership and architecture experience and at minimum five years of experience evaluating business requirements and designing complete systems solutions in complex environments plus strong business understanding including health insurance technologies and regulations. As a member of the IT Security team, this strategic role will lead the evolution of our identity solutions across the enterprise-covering both workforce IAM (employees and contractors) and customer IAM (members, employers, providers, and producers).
Chelan County PUDControl Systems Engineer (III or IV) Chelan County PUDControl Systems Engineer (III or IV)Wenatchee, WA$109,040–$156,500 / yearFull timeTo perform this job successfully, an individual is required to have advanced/expert knowledge of Microsoft Excel; Microsoft Word; PC Hardware; Servers; General Office Equipment; PI Historian software; Compliance tools; Microsoft Windows server and Linux server and workstation operating systems; Visual Studio; Enterprise security management software; PLC, RTU, Meter, and IED hardware; C-family and scripting (PowerShell and Unix Shell) programming languages; and intermediate knowledge of Microsoft Outlook; Primavera; Maximo Asset Management; Monarch; Intellution; Network equipment operating systems; Microsoft Active Directory; SQL Server; Visio; and Telecommunication software. To perform this job successfully, an individual is required to have advanced/expert knowledge of Microsoft Excel; Microsoft Word; Monarch; Intellution; PC Hardware; Servers; General Office Equipment; PI Historian software; Compliance tools; Microsoft Windows and Linux server and workstation operating systems; Network equipment operating systems; Microsoft Active Directory; SQL Server; Visual Studio; Enterprise security management software; Telecommunication software; PLC, RTU, Meter, and IED hardware; C-family and scripting (PowerShell and Unix Shell) programming languages; and intermediate knowledge of Microsoft Outlook; Primavera; Maximo Asset Management; and Visio.
TYLER TECHNOLOGIES INCCloud Security Engineer TYLER TECHNOLOGIES INCCloud Security EngineerSeattle, WARemote$74,575–$150,000 / yearFull timeAs a Cloud Security Engineer, you will partner closely with infrastructure, product, and engineering teams in a fast-paced, results-driven environment, contributing hands-on expertise to secure, compliant, and resilient cloud services that support transformational change across Tyler's platform. Experience working with modern cloud security tooling, including infrastructure and cloud-focused code scanning, cloud security posture management, endpoint and workload telemetry, and centralized log analysis platforms.
KPMG LLPNewSenior Specialist, SOC Analyst Level II KPMG LLPSenior Specialist, SOC Analyst Level IISeattle, WAFull timeExperience with IDS/IPS, firewalls (Snort, Cisco, Fortigate, Sourcefire), Windows and Unix based systems, LAN/WAN technologies, TCP/IP, OSI model, penetration testing tools (Metasploit, Nmap, Kali), and incident response workflows. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
FlightSafety International IncSecurity Engineer FlightSafety International IncSecurity EngineerSeattle, WAFull timeYou will operate and tune vulnerability management tooling (including platforms such as Wiz, Microsoft Defender, and related scanners), validate and prioritize findings, and work closely with service owners-using systems such as ServiceNow and Jira-to drive timely remediation. Handson experience with one or more vulnerability management and cloud security tools, ideally including: Wiz (CNAPP / cloud exposure management), Microsoft Defender (Defender for Cloud / endpoint / server) and Traditional scanners (e.g., Tenable, Qualys, or similar).
KPMG LLPSpecialist Director, Managed Security Testing KPMG LLPSpecialist Director, Managed Security TestingSeattle, WAFull timeIf you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. Build and maintain strong client relationships, serving as a trusted advisor and ensuring high levels of satisfaction and retention; mentor and lead a team of security professionals, fostering a culture of innovation, accountability, and continuous improvement.
Palantir Technologies,Inc.Product Infrastructure Security Engineer Palantir Technologies,Inc.Product Infrastructure Security EngineerSeattle, WA$135,000–$200,000 / yearFull timeBy bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more. This includes posture analysis and management, infrastructure vulnerability scanning, investigation of security reports, and direct work with our incident response team on product security issues and incidents.
Palantir Technologies,Inc.Application Security Engineer Palantir Technologies,Inc.Application Security EngineerSeattle, WA$135,000–$200,000 / yearFull timeMembers of the Application Security Team have implemented software supply chain security controls (e.g., in-toto), implemented hardware-backed GPG key signing for commits, developed new security services, implemented security automation, or worked on massive-scale security problems. This includes static and dynamic code analysis, security scanning, investigation of security reports from InfoSec, our bug bounty program, or other trusted partners, and direct work with our incident response team on product security issues and incidents.
KPMG LLPNewDirector, Google Cloud Security, Solution Architect KPMG LLPDirector, Google Cloud Security, Solution ArchitectSeattle, WAFull timeInnovate and evangelize next-generation security operations solutions by leveraging Google Cloud's advanced capabilities, including AI and machine learning within the Google SecOps platform; critically assess client security technology and processes, providing expert justification for migrating to and optimizing with Google Cloud native security solutions. Collaborate closely with KPMG and Google Cloud sales teams to develop and present compelling technical solutions, product demonstrations, and architectural designs focused on Google Cloud's security portfolio (e.g., Google SecOps SIEM and SOAR, Google Unified Security, Security Command Center).
Google LLCSecurity Engineer Google LLCSecurity EngineerKirkland, WA$147,000–$211,000 / yearFull timeRequirements: Bachelor’s degree in Computer Science, Cybersecurity, Information Technology or a related field and 3 years of experience in the job offered or in a Security Engineer-related occupation. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
Snowflake Inc.Senior Security Architect, Applied Field Engineering (AFE) Snowflake Inc.Senior Security Architect, Applied Field Engineering (AFE)Bellevue, WA$172,000–$225,700 / yearFull timeWe look for low-ego individuals who thrive in dynamic and fast-moving environments and move with an experimental mindset - who rapidly test emerging capabilities to discover simpler, more powerful ways to deliver results. You will partner closely with Sales, GTM, Engineering, and Marketing to help customers transform their business within the Snowflake AI Data Cloud while maintaining a world-class security posture.
SOC, LLCNewIT Analyst - Seattle, WA - REMOTE Technology Systems SOC, LLCIT Analyst - Seattle, WA - REMOTE Technology SystemsSeattle, WARemoteFull timeResponsibilities include close collaboration with project team leads to work with business users, IT teams, and vendors to document and validate requirements, map requirements to configuration, configure OMS product, create test cases, and ensure a structured system implementation approach. Experience executing System Integration Testing (SIT) and End to End scripts, conducting smoke testing, assist with any testing with end users, including documenting, reviewing, and tracking defects.
HackerOne Inc.Senior Security Engineer, Detection and Response HackerOne Inc.Senior Security Engineer, Detection and ResponseSeattle, WARemoteFull timeSuccess in the Senior Security Engineer role will be accomplished by delivering on the responsibilities below in alignment with the Values and Principles that define how we work at HackerOne: Design, build, and maintain detection-as-code capabilities across cloud infrastructure, SaaS applications, endpoints, and identity systems, improving coverage and signal quality through Data-Driven Decision Making. As a Senior Security Engineer, you will design and deliver detection and response capabilities that protect a modern, cloud-native environment by writing code, building AI-powered tooling, and automating workflows end-to-end.
Starbucks Coffee CompanyNewEngineer II - ST Starbucks Coffee CompanyEngineer II - STSeattle, WA$135,265–$156,900 / yearFull timeAssists in designing, developing, and deploying network services, OS configuration, container orchestration, environment setup and refresh, backup, service discovery, monitoring, DDOS services, configuration management, alerting, and network. Incorporates new technologies, concepts (such as distributed computing and parallel processing), and development languages, and understand implications from design and implementation choices, including scalability, durability, flexibility, security, user accessibility, realized software quality and effectiveness in learning.
Cribl, IncStaff AI Security Engineer Cribl, IncStaff AI Security EngineerOlympia, WAFull timeSecrets, Identity & Token Protection: Establish secure patterns for secrets management, non-human identities, scoped credentials, OAuth-based access, and token governance to enforce least-privilege access and reduce credential exposure in AI builds. * Shadow AI Discovery & Remediation: Partner with Business Operations to maintain visibility into AI tools, licenses, API tokens, MCP servers, and ad hoc workflows in use across the company, and monitor for ungoverned or high-risk patterns that require remediation.
Stripe, LLCNewSecurity Engineer IC-02 Stripe, LLCSecurity Engineer IC-02Seattle, WA$158,800–$238,200 / yearFull time2 years of experience building software applications in Go, Python, Java, JavaScript, or C#; 2 years of experience with AWS or Azure cloud infrastructure-as-a-service providers; 1 year of experience securing cloud applications and endpoints; 1 year of experience with security threat modeling, incident response, or investigations; and. Bachelor’s degree or foreign equivalent in Computer Science, Information Technology, or related field followed by 2 years of security solutions IT experience.
PwC IT Services Co.IT Services- Red Team Senior Associate PwC IT Services Co.IT Services- Red Team Senior AssociateSeattle, WA$86,500–$166,000 / yearEducation** _(if blank, degree and/or field of study not specified)_ Degrees/Field of Study required: Degrees/Field of Study preferred: **Certifications** _(if blank, certifications not specified)_ **Required Skills** **Optional Skills** Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Learning Agility, Microsoft Active Directory {+ 25 more} **Desired Languages** _(If blank, desired languages not specified)_ **Travel Requirements** Up to 20% **Available for Work Visa Sponsorship?** **Line of Service** Internal Firm Services **Industry/Sector** Not Applicable **Specialism** IFS - Information Technology (IT) **Management Level** Senior Associate **Job Description & Summary** At PwC, our people in Offensive Security focus on improving the organizations resilience against dedicated adversaries by testing key elements of the security program, including technology, people, and process.
StratAcuity Staffing Partners IncSecurity Engineer/Tester StratAcuity Staffing Partners IncSecurity Engineer/TesterSeattle, WA$60–$67 / hourIn terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. In-depth domain understanding of application security, including Identity and Access Management (IAM) and various authentication technologies (passwords, biometrics, OTP, digital certificates, PKI, FIDO U2F/Passkeys).
Salesforce IncProduct Security Lead Salesforce IncProduct Security LeadBellevue, WA$172,500–$260,100 / yearStrong understanding of: • Application security vulnerabilities and attack chains • Identity and access control failures • Cloud security and hybrid environments • Common defensive controls and their real-world limitations • Security risks specific to AI and LLM-based systems Hands-on experience with: • Manual exploitation and vulnerability chaining • Custom scripts, payloads, or proof-of-concept development • Advanced use (and limitation awareness) of automated testing tools • Testing AI-powered applications and APIs Ability to clearly articulate: • Exploitation mechanics and impact • Risk in business and engineering terms • Practical, prioritized remediation strategies Strong communication skills and experience working directly with engineers, security teams, and leadership. • Identify, exploit and demonstrate realistic business and risk impact • Perform advanced penetration testing activities, including: • Manual exploitation beyond automated tooling • Business logic and authorization abuse • Privilege escalation • Abuse of identity, access, and trust relationships • AI-specific offensive testing, including prompt injection, indirect prompt injection, and abuse of AI integrations.
CoinbaseSenior Offensive Security Engineer (IOT / Network Pentesting) CoinbaseSenior Offensive Security Engineer (IOT / Network Pentesting)Olympia, WA$186,065–$218,900 / yearProven expertise in penetration testing the full digital security of physical spaces, including building management systems (BMS), physical access control systems (PACS), IoT/home automation devices, wireless protocols (LoRaWAN, Bluetooth, Zigbee, etc) and networked security infrastructure (e.g., IP cameras and alarms). Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available https://www.coinbase.com/legal/application-arbitration-agreement *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants.
Bank of AmericaSenior Offensive Security Engineer - Pentester Bank of AmericaSenior Offensive Security Engineer - PentesterSeattle, WASenior Offensive Security Engineer - Pentester Denver, Colorado;Seattle, Washington; Charlotte, North Carolina; Jacksonville, Florida; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois; Jacksonville, Florida **To proceed with your application, you must be at least 18 years of age.** Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Denver/Senior-Full-Stack-Pentester\_26001769) **Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.** + Must be able to effectively code in a programming or scripting language (Python, Java, C#, etc.) Desirable Skills: + Certifications: OSCP, GPEN, GXPN, OSED, OSEP, OSWE, OSCE, GWAPT + Ability to work remotely if/when necessary + Previous experience working in the financial industry + Experience with hardware hacking, embedded systems analysis, and IoT hacking This job will be open and accepting applications for a minimum of seven days from the date it was posted.
EYCyber Threat Detection - Active Defense Analyst EYCyber Threat Detection - Active Defense AnalystSeattle, WA$128,100–$239,600 / yearCommunicate with server owners, system custodians, and IT contacts to pursue security testing activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Create presentations in MS Word, PowerPoint, and/or Excel that support findings + Maintain, manage, improve and update security testing process and protocol documentation + Assist in analyzing findings, and develop fact based reports + Identify means to disrupt attacker actions, and enhance defender response capabilities. + Global mind-set for working with different cultures and backgrounds + Demonstrated integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities + Teaming skills as well as ability to work independently on taskings + Good social, communication, and writing skills + Qualifications, Certifications and Education requirements: + Associates Degree and/or any of the following certifications: GPEN, CISSP, Security+, GCIH, OSCP, GCFE, CFCE, other relevant GIAC certs.
Bank of AmericaManual Ethical Hacker Bank of AmericaManual Ethical HackerSeattle, WAManual Ethical Hacker Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Charlotte, North Carolina; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Denver/Manual-Ethical-Hacker\_26000923) **Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.** Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing + Perform assessments of the security, effectiveness, and practicality of multiple technology systems + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security.
Bank of AmericaSenior Manual Ethical Hacker Bank of AmericaSenior Manual Ethical HackerSeattle, WARequired Skills: + **Minimum of 5+ years of** **professional** **pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment** + Detailed technical knowledge in at least 5 of the following areas: + security engineering + application architecture + authentication and security protocols + application session management + applied cryptography + common communication protocols + mobile frameworks + single sign-on technologies + exploit automation platforms + Web APIs + Cloud environments + LLM security + Mobile application analysis + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with DAST and SAST tools to identify vulnerabilities + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques. Senior Manual Ethical Hacker Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Charlotte, North Carolina; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Denver/Senior-Manual-Ethical-Hacker\_26001764) **Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.**
Microsoft CorporationNewSenior Security Engineer and Principal Security Engineer (Multiple Positions)- Windows Security Microsoft CorporationSenior Security Engineer and Principal Security Engineer (Multiple Positions)- Windows SecurityRedmond, WA$119,800–$234,700 / yearResponsibilities** + Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing + Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices + Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices Leverage a broad and current understanding of security to devise new protections + Interact with the external security community and security researchers + Collaborate with product teams to improve security, and articulate the business value of security investments **Qualifications** **Required Qualifications:** + Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field + OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field + OR equivalent experience. **Preferred Qualications:** + Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field + OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in security or related field + OR equivalent experience.
AmazonSecurity Engineer, Payments Security AmazonSecurity Engineer, Payments SecuritySeattle, WABasic Qualifications - Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security - 2+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing experience - Experience with threat modeling and penetration testing - Knowledge of security technology and concepts (Authentication, Authorization, Single sign-on, Cryptography, etc.) - Experience in written and verbal communication skills to communicate with technical and non-technical audiences, including senior leadership - Experience in scripting, programming, or security code reviewing in a common language, such as Python, Java, or C+Preferred Qualifications - Experience with AWS services or other cloud offerings - Experience implementing security solutions at the cross-team level - 1+ year of experience in Secure SDLC - Ability to drive multiple technically complex security reviews together while remaining effective at providing security guidance to stakeholders. Additionally, the successful candidate will be: - Methodically empirical and experimental in approach and evaluation without being bound by over paralysis-by-analysis; - Work ceaselessly to improve knowledge of the security field, threat landscape, security intelligence, moving proactively toward prevention and detection of threats; - Be an enthusiastic learner and curiosity seeker, focusing on what can be done rather than hindered by notions of what cannot be; - Possess effective verbal and written communication skills, be passionate about sharing knowledge, tactics, strategy, as well as advocating for the project mission; - Have excellent time management skills along with the ability to deliver results in the face of uncertainty; and - Evangelize security within Amazon.com and be an advocate for customer trust.
EnsonoNewSecurity Senior Solution Architect- Remote from Central or Eastern time zones with travel EnsonoSecurity Senior Solution Architect- Remote from Central or Eastern time zones with travelOlympia, WARemote$129,000–$180,000 / yearWhat You Will Do:** · Work with clients to obtain solution requirements for security infrastructure · Create written designs for security solutions that meet or exceed requirements utilizing a reference architecture · Serve as the technical subject matter expert for implementations and ensure adherence to proposed designs · Present cost estimates for security solution implementation processes and ongoing production support · Engage in project communications with clients using a consultative approach, anticipate obstacles, and recommend solution options to mitigate · Ensure security solution designs fulfill functional and technical requirements and can consistently meet progress against service level agreements (SLAs) · Maintain accountability for the accuracy, process, integrity, quality, and stewardship of client security infrastructure solutions · Collaborate with cross-functional teams to integrate security best practices across hybrid IT environments. As a Security Senior Solution Architect, you will provide fully-costed solution architecture to meet client and prospective client requests, maintain and update documentation related to organization-wide IT activities and technology roadmaps, and communicate progress and direction through formal presentations, collaborative meetings, and content publishing to mixed audiences.
AmazonSenior Security Engineer, Internal Audit AmazonSenior Security Engineer, Internal AuditSeattle, WAUSA, MA, Virtual Location - Massachuset - 178,400.00 - 226,700.00 USD annually USA, OR, Virtual Location - Oregon - 178,400.00 - 226,700.00 USD annually USA, WA, Virtual Location - Washington - 178,400.00 - 226,700.00 USD annually You will operate as a security lead, partnering with world-class engineering teams to uncover vulnerabilities, design novel abuse scenarios, and assess large-scale security solutions across Amazon's products, services, and infrastructure.
Microsoft CorporationNewSecurity Engineer II - Windows Security (Multiple Positions) Microsoft CorporationSecurity Engineer II - Windows Security (Multiple Positions)Redmond, WA$102,100–$202,200 / yearQualifications** **Required Qualifications:** + Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field + OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field + OR equivalent experience. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $133,800 - $219,200 per year.
Staris AIOffensive Security Engineer Staris AIOffensive Security EngineerSeattle, Washington$150,000–$200,000 / yearStaris AI is a Series A ventured-backed firm that is reinventing application security with its innovative AI-powered penetration testing that continuously validates and remediates real attack paths in running applications. This role goes beyond conventional application security and penetration testing; you'll be instrumental in advancing the field of automated software attack and simulation with your expertise in threat simulation and attack automation.
AmazonNewSecurity Engineer II - AMZ9675247 AmazonSecurity Engineer II - AMZ9675247Seattle, WA$159,300–$202,400 / yearDescription MULTIPLE POSITIONS AVAILABLE Employer: AMAZON.COM SERVICES LLC Offered Position: Security Engineer II Job Location: Seattle, Washington Job Number: AMZ9675247 Position Responsibilities: Provide frontline support for all information security related issues, such as penetration testing, network and service configuration, advising on security policy compliance, handling data confidentiality issues, and monitoring and responding to emerging threats. Must have one year of experience in the following skill(s): (1) application and infrastructure information security; (2) application of threat modeling or other risk identification techniques; (3) knowledge of system security vulnerabilities and remediation techniques, including penetration testing, source code review, configuring advanced runtime and static vulnerability testing tools and the development of exploits; and (4) coordinating responsibility of technical security tasks.#0000