Senior Offensive Security Engineer (IOT / Network Pentesting)

CoinbaseCoinbase·Remote(Remote - USA)
Software Development
Excel

WFA Digital Insight

The demand for skilled security engineers has grown exponentially, with a 25% increase in job postings over the past year. As companies like Coinbase continue to expand their remote teams, experts in IOT and network penetration testing are in high demand. With the rise of remote work, securing digital spaces has become a top priority, and candidates with experience in this area are highly sought after. Before applying, candidates should be aware of the company's intense work culture and the need for active security clearance.

Job Description

About the Role

The Senior Offensive Security Engineer role at Coinbase is a unique opportunity to work with a talented team of security experts to protect the company's digital spaces. As a seasoned penetration tester, you will be responsible for identifying and exploiting vulnerabilities in Coinbase's systems, including IOT devices, network infrastructure, and building management systems. Your expertise will play a critical role in ensuring the security and integrity of the company's operations.

The role is part of the Application Security org, which is responsible for safeguarding the company's digital assets. You will work closely with cross-functional teams, including development, security, and executive leadership, to integrate security best practices throughout the device lifecycle. Your findings and recommendations will have a direct impact on the company's security posture, and you will be expected to present your results to technical and non-technical stakeholders.

What You Will Do

  • Conduct comprehensive penetration tests on networked devices, including hardware, firmware, and integrations
  • Assess the digital security of physical spaces, including expertise in IOT/IOT automation and prosumer networking gear
  • Identify and exploit vulnerabilities in ecosystems, providing detailed reports and recommendations for remediation
  • Collaborate with security and development teams to integrate security best practices throughout the device lifecycle
  • Stay current with the latest security threats, vulnerabilities, and industry best practices for securing physical spaces
  • Present findings and recommendations to technical and non-technical stakeholders, including executive leadership
  • Develop and maintain a deep understanding of networking protocols and architectures, security frameworks, and building security best practices
  • Utilize various penetration testing tools and methodologies to identify vulnerabilities
  • Travel occasionally, based on business need, to participate in team and company-wide offsites

What We Are Looking For

  • Active, current, or recently expired security clearance
  • 2+ years of experience working with C-Suite at S&P 500 organizations
  • Proven penetration testing expertise across the full threat spectrum, from common criminal actors up to highly sophisticated, resource-rich Advanced Persistent Threats (APTs) and nation-state actors
  • Proven expertise in penetration testing the full digital security of physical spaces, including building management systems (BMS), physical access control systems (PACS), IoT/home automation devices, wireless protocols (LoRaWAN, Bluetooth, Zigbee, etc) and networked security infrastructure (e.g., IP cameras and alarms)
  • Extensive experience working with executives at large, complex organizations
  • Strong understanding of networking protocols and architectures, security frameworks, and building security best practices
  • Proficiency in various penetration testing tools and methodologies
  • Excellent communication and report-writing skills

Nice to Have

  • Experience with cloud-based security solutions and cloud-native applications
  • Knowledge of containerization and container orchestration technologies
  • Familiarity with agile development methodologies and version control systems
  • Certification in a relevant security field, such as OSCP or CISSP

Benefits and Perks

  • Competitive compensation package
  • Opportunity to work with a talented team of security experts
  • Comprehensive benefits package, including health, dental, and vision insurance
  • Remote work stipend and flexible working hours
  • Professional development opportunities, including training and conference sponsorships
  • Access to the latest security tools and technologies
  • Opportunity to work on high-impact projects that contribute to the company's mission

How to Stand Out

  • Develop a strong understanding of IOT and network security principles, including wireless protocols and building management systems
  • Familiarize yourself with penetration testing tools and methodologies, such as Metasploit and Burp Suite
  • Create a portfolio that showcases your experience and skills in penetration testing and security assessment
  • Prepare to discuss your experience working with executives and cross-functional teams during the interview process
  • Be prepared to provide examples of your ability to communicate complex technical information to non-technical stakeholders
  • Research the company's security culture and be prepared to discuss your thoughts on the importance of security in the financial industry

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.