Founding Security Engineer

Full-time

San Francisco, CA | Remote (US)

What You’ll Do

  • Create goal-oriented AI agents capable of executing multi-step offensive security workflows to help our customers identify, prioritize, and remediate vulnerabilities
  • Build and optimize a cloud-native framework that leverages AWS services to support AI-powered offensive security workflows at scale
  • Integrate cutting-edge LLMs with cybersecurity tools and datasets to simulate traditional human-driven workflows
  • Continuously refine and expand the capabilities of Specular to help our customers stay ahead of e-crime and nation-state cyber attacks
  • Collaborate closely with our customers to understand their unique security challenges, gather feedback on existing tools, and identify opportunities for improvement

Required Experience

  • Offensive Experience: 3+ years of experience in offensive security, red teaming, or penetration testing.
  • Software Engineering: Proficient in Python, Bash, PowerShell, and AWS services (ECR/ECS, Lambda, S3, etc.) to automate attacks.
  • Red Teaming / Penetration Testing Experience: Expertise in simulating e-crime or advanced persistent threat (APT) scenarios to test enterprise security defenses.
  • Attack Simulation (External): Experience analyzing and exploiting organization network perimeters with a focus on web applications, cloud, and other common enterprise applications.
  • Attack Simulation (Internal): Experience with reconnaissance, privilege escalation, lateral movement, and exfiltration within Active Directory, Cloud (AWS/Azure/GCP), and hybrid networks.
  • Vulnerability Analysis: Experience with traditional vulnerability scanners and tools like Nmap, Nessus, Qualys, Nuclei, Burp Suite, etc.
  • Vulnerability Exploitation: Familiarity with identifying and exploiting a wide array of vulnerabilities across different operating systems and architectures.
  • Reporting and Communication: Skilled in writing findings and recommendations that simply convey technical concepts to senior leadership and non-security personnel.

Bonus Points Experience

  • Prompt Engineering: Skilled in crafting effective prompts to optimize the performance of language models and enhance AI-driven applications.
  • Large Language Model (LLM) Frameworks: Practical experience with at least one of the popular frameworks such as:
    • LangChain: For building applications with large language models
    • LlamaIndex: For developing and deploying language models
    • AutoGen: For creating agentic workflows
  • API Development: Expertise in designing and implementing RESTful APIs to facilitate communication between different components of the AI system.
  • Compliance Frameworks: Familiarity with offensive security operations in the context of compliance frameworks like PCI-DSS, HIPAA, and SOC 2.

Compensation

The base salary range for this position in the U.S. is $150,000 - $225,000 per year + equity + benefits.
