Senior Offensive Security Engineer

Posted Apr 21


Fastly is looking for a Senior Offensive Security Engineer to join our Discovery and Advancement Team. This person will be responsible for performing penetration tests and security reviews for core Fastly applications and APIs. You will be discovering vulnerabilities and shepherding your discoveries through to remediation at Fastly. You’ll bring a big picture view to identification and remediation, affecting systemic change to make the environment more secure. In addition to finding new bugs, you will demonstrate your offensive security knowledge and penetration testing experience during Red Team exercises with the goal of improving Fastly’s security posture and strengthening our security incident response program.

At the senior level, you are a technical leader at Fastly. You will not only have Security Team resources at your disposal, but all of engineering on your side in the constant work of making our applications, our infrastructure and the Internet a better place. You will also be held accountable for mentoring staff and continuing to build out our security team, so having contacts and a solid reputation in the security community are crucial.

This is a role which has high impact on human lives. You will be supported by a friendly security team, where you can learn, develop, and grow. We check our egos at the door. You’ll make sure our customers benefit from services built to the highest security standards in the industry. We pride ourselves in our involvement in the larger security community and encourage our team to present at network and security conferences, submit to bug bounties and participate in the open source community. We are a distributed security team with the dedication and tools in place to make it work.

What You'll Do

  • Collaboratively scope, prioritize, and perform offensive security engagements
  • Bring an adversarial mindset to threat modeling engagements in collaboration with the Security Risk and Architecture team
  • Partner with engineering to integrate offensive security into the SDLC
  • Research, reproduce and respond to various security vulnerabilities reported to Fastly
  • Collaboratively define roadmap for bug bounty and build relationships with external security researchers
  • Participate in purple-team exercises to improve efficacy of internal security programs
  • Develop and share security topics in internal engineering forums and professional conferences through writing and speaking engagements
  • Apply and improve automated vulnerability discovery infrastructure, including continuous fuzzing
  • Recruit, champion and support a team to execute on your vision of building a successful Offensive Security capability at Fastly

What We're Looking For

  • Experience with the Linux Kernel, both in user space and kernel space.
  • Experience in security assessment of networked systems and protocols.
  • Experience reviewing source code for control flow and security flaws.
  • Experience in security assessment of emerging web protocol and technology development (network protocols, browser technology, etc.)
  • Experience scoping, performing and documenting security assessments
  • Ability to vet the capabilities of security researchers and third-party consultants
  • Proven ability to work within a collaborative, cross-functional environment and mentor and develop the next generation of security engineers.
  • Strong communication skills; proven track record of effectively communicating security risks
  • High emotional intelligence. Fastly teams care about one another, collaborate regularly and are part of a people first organization

We value a variety of voices, so this is not a laundry list. It would be an added bonus if you have experience in ANY of these:

  • Experience with the x86/x64 low level architecture and the ability to conduct vulnerability research against applications compiled for that architecture using code-assisted discovery techniques
  • Experience reviewing source code for control flow and security flaws
  • Involvement in the open source community
  • History of involvement in security organizations, events, and conferences

In accordance with applicable law, Fastly’s minimum base pay for this role if hired in Colorado is 135,000 per year. Additionally, this role is eligible to participate in Fastly's equity plan. Final offer amount will be at the company’s sole discretion and determined by multiple factors, including years and depth of experience and expertise, location and other business considerations. Note that this role is available to candidates outside of Colorado and different minimum compensation may apply.

Fastly is proud to deliver a strong total rewards program to our employees. This role is eligible to participate in the following benefits:

  • Health benefits (medical, dental, and vision)
    • Medical: Cigna or Kaiser available
  • Retirement benefits and employer match
  • Life Insurance (Basic and Voluntary Life)
  • Short & Long Term Disability with a buy-up LTD option
  • Voluntary Accident & Critical Illness benefits
  • Flex Spending Accounts & Mass Transit benefits
  • Open Vacation Policy
  • Sick Time
  • Generous leave benefits (medical, maternity, paternity, and personal)
  • Paid wellness days
  • Employee Assistance Program
  • Learning & reimbursement program stipend
  • Mobile and internet allowance
  • Wellness stipend
  • Pet insurance

Fastly reserves the right to amend or modify for any reasons in accordance with applicable law.

Why Fastly?

We have a huge impact.Fastly is a small company with a big reach. Not only doour customershave a tremendous user base, but we also support a growing number ofopen source projects and initiatives.Outside of code, employees are encouraged to share causes close to their heart with others so we can help lend a supportive hand.

We love distributed teams.Fastly’s home-base is in San Francisco, but we have multiple offices and employees sprinkled around the globe. In fact, 50% of our employees work outside of SF! An international remote culture is in our DNA.

We care about you.Fastly works hard to create a positive environment for our employees, and we think your life outside of work is important too. We support our teams with great benefits like up to 20 weeks of paid parental leave, options for free medical/dental/vision plans, and an open vacation program that enables our folks to take the time they need to recharge (some benefits may vary by location).

We value diversity.Growing and maintaining our inclusive and diverse team matters to us. We are committed to being a company where our employees feel comfortable bringing their authentic selves to work and have the ability to be successful -- every day.

We are passionate.Fastly is chock full of passionate people and we’re not one size fits all’. Fastly employs authors, pilots, skiers, parents (of humans and animals), makeup geeks, coffee connoisseurs, and more. We love employees for who they are and what they are passionate about.

We’re always looking for humble, sharp, and creative folks to join the Fastly team. If you think you might be a fit, please apply!



Misc Info For This Position:

Remote Mix: 100% Remote

Position Level: Senior

Job Type: Full-Time

Regional Restrictions: USA Only


Apply for this Position



Fastly


San Francisco,CA
United States

Website


Job Info:
100% Remote
Senior
Full-Time
USA


Apply for this Position


See All Their Jobs



Share this job: