About the role

Staff Offensive Security Engineer at Greenlight, leading offensive security strategies and vulnerability assessments. Collaborating with teams to enhance security measures and ensure safe banking for families.

Responsibilities

Lead Technical Strategy: Define the long-term vision for offensive security at Greenlight, moving beyond point-in-time testing to continuous security validation.
Red Teaming & Adversary Simulation: Design and execute complex, multi-stage adversary simulations targeting our cloud infrastructure (AWS), mobile applications (iOS/Android), and internal corporate environments.
Vulnerability Research: Conduct deep-dive research into high-risk areas of our ecosystem, identifying zero-day vulnerabilities or sophisticated logic flaws that automated tools miss.
Pave the "Golden Path": Partner with DevOps and Engineering to build automated security guardrails and "self-healing" infrastructure that prevents common attack vectors from being introduced.
Incident Response Support: Work closely with the Detection and Response team to improve our monitoring capabilities by performing "purple team" exercises to validate alert coverage.
Mentorship: Act as a force multiplier by mentoring senior and mid-level engineers, fostering a culture of security-minded development across the entire R&D organization.

Expert-level Offensive Skills: 8+ years of experience in offensive security, red teaming, or penetration testing, with a proven track record of uncovering critical vulnerabilities in complex environments.
Cloud Native Expertise: Deep understanding of AWS security architecture, including IAM bypass techniques, container escapes (Kubernetes), and serverless security.
Application Security Depth: Experience with manual code review (Node.js, Python, or Go) and bypass techniques for modern web and mobile security controls.
Automation Mindset: Ability to script in Python, Bash, or Go to automate exploitation chains or integrate security testing into CI/CD pipelines.
Strategic Communication: The ability to translate complex technical risks into business impact for executive stakeholders while remaining a trusted peer to software engineers.
Relevant Certifications (Optional but valued): OSCP/OSCE, GXPN, or equivalent demonstration of deep technical skill.

Greenlight is an equal opportunity employer and will not discriminate against any employee or applicant based on age, race, color, national origin, gender, gender identity or expression, sexual orientation, religion, physical or mental disability, medical condition (including pregnancy, childbirth, or a medical condition related to pregnancy or childbirth), genetic information, marital status, veteran status, or any other characteristic protected by federal, state or local law.
Greenlight is committed to an inclusive work environment and interview experience. If you require reasonable accommodations to participate in our hiring process, please reach out to your recruiter directly or email [email protected].