[Remote] Senior Offensive Security Engineer (Red Team)
Note: The job is a remote job and is open to candidates in USA. Salesforce is the #1 AI CRM, where humans with agents drive customer success together. They are seeking a Senior Offensive Security Engineer (Red Team) to execute advanced offensive security operations, design real-world adversary simulations, and translate red team operations into actionable insights to improve security capabilities.
Responsibilities
- Execute hands-on red team operations simulating real-world threat actors across applications, platforms, cloud infrastructure, and enterprise environments
- Identify, exploit, and chain high-impact vulnerabilities and weaknesses to achieve defined attacker goals
- Perform advanced offensive activities, including: Manual exploitation and attack chaining, Abuse of identity, authorization, and trust relationships, Bypassing security controls and detections
- Contribute to the design and execution of end-to-end attack campaigns under the guidance of the Red Team Director
- Develop a deep understanding of products and systems through the lens of adversary abuse and exploitation
- Collaborate closely with: Detection & Response teams to test alerts, visibility, and response workflows, Incident Response teams during simulated incidents, Engineering and platform teams to explain exploitation paths and root causes
- Produce clear, technically detailed findings that translate into actionable remediation guidance
- Contribute to tooling, automation, and tradecraft improvements, including collaboration with the AI-Automation team
- Share knowledge and mentor junior red team engineers, helping raise overall tradecraft quality
Skills
- Deep hands-on experience in offensive security, red teaming, or high-impact penetration testing
- Proven experience executing complex offensive engagements in production-like environments
- Strong understanding of adversary tactics, techniques, and procedures (TTPs)
- Strong understanding of identity and access abuse
- Strong understanding of application and infrastructure attack chains
- Strong understanding of cloud and hybrid enterprise attack surfaces
- Hands-on experience with manual exploitation and attack chaining
- Hands-on experience with writing custom scripts, tooling, or payloads
- Hands-on experience with bypassing security controls and detections
- Ability to clearly articulate how attacks were performed
- Ability to clearly articulate why defenses failed
- Ability to clearly articulate what mitigations will meaningfully reduce risk
- Strong communication skills and experience collaborating with security and engineering teams
Benefits
- Time off programs
- Medical
- Dental
- Vision
- Mental health support
- Paid parental leave
- Life and disability insurance
- 401(k)
- Employee stock purchasing program
Company Overview
Company H1B Sponsorship