Senior Offensive Security Manager

Who Are We?Postman stands as the foremost API platform globally, serving over 45 million developers and 500,000 organizations, including 98% of the Fortune 500. Our mission is to empower developers and professionals worldwide in building an API-first future by simplifying every aspect of the API lifecycle and enhancing collaboration, enabling the creation of…

About the TeamAt OpenAI, we are driven by a mission to ensure that artificial general intelligence serves the interests of all humanity. Our Security team plays a pivotal role in safeguarding OpenAI's innovative technologies, our talented workforce, and our diverse product offerings. We emphasize a technical yet operational approach, dedicated to supporting all research and production at OpenAI. Our core tenets include prioritizing impactful actions, empowering researchers, anticipating transformative technologies, and fostering a robust security culture.About the RoleWe are on the lookout for an outstanding Principal Offensive Security Engineer to elevate OpenAI's security framework. This role transcends traditional red teaming; it provides an opportunity to delve deeply into security challenges, create innovative attack simulations, and collaborate closely with defensive teams to drive strategic enhancements throughout the organization.In this position, you'll not only identify vulnerabilities but also take the lead in resolving them, harnessing cutting-edge technologies to automate offensive security techniques, and utilizing your unique attacker perspective to inform our overarching security strategy.Your primary focus will be on rigorously testing our agent-powered products like Codex and Operator. These systems are valuable targets due to their rapid evolution, ability to perform sensitive user actions, and extensive attack surfaces. You'll play a vital role in fortifying our agents by identifying realistic vulnerabilities arising from the interplay between applications, infrastructure, and models.Key ResponsibilitiesProactively hunt for vulnerabilities within the interactions of our agentic products, encompassing applications, infrastructure, and models.Execute open-scope red and purple team operations, simulating authentic attack scenarios.Collaborate effectively with defensive security teams to enhance detection, response, and mitigation capabilities.Conduct thorough penetration testing across our diverse portfolio of products.Leverage advanced automation and OpenAI technologies to optimize your offensive security initiatives.Articulate insightful, actionable findings in a clear and compelling manner to drive impactful change.Influence security strategy by providing expert recommendations based on your findings.

Astranis is at the forefront of space innovation, developing advanced satellites that extend humanity's reach into high orbits. Our satellites deliver dedicated, secure networks to a diverse clientele, including large enterprises, sovereign governments, and the U.S. military. With five satellites currently in orbit and many more on the horizon, we are addressing a robust backlog of over $1 billion in commercial contracts.Astranis is recognized as a leading satellite communications partner for clients with demanding requirements regarding uptime, data security, network visibility, and customization. Backed by over $750 million from top-tier investors such as Andreessen Horowitz, Blackrock, and Fidelity, our dynamic team of 450 engineers and entrepreneurs operates from our expansive 153,000 sq. ft. headquarters in Northern California.Senior Offensive Security EngineerAs a Senior Offensive Security Engineer, you will spearhead penetration testing and adversarial simulation initiatives targeting our applications, cloud infrastructure, and corporate networks. By emulating real-world attackers, you will identify vulnerabilities within our software and IT infrastructure, collaborating closely with engineering and IT teams to enhance our security posture. Your primary focus will be on offensive testing of application and enterprise systems.

About the RoleChime is on the lookout for a dynamic Senior Offensive Security Engineer to spearhead our Offensive Security initiatives. In this pivotal role, you will assess Chime's services, applications, and infrastructure through simulated attacks to uncover vulnerabilities and collaborate with our internal technology teams to remediate them. This position offers a unique opportunity to enhance your technical expertise and leadership capabilities while being part of a collaborative team that thrives on problem-solving and innovation.The ideal candidate will possess a robust background in offensive cybersecurity, demonstrating a keen interest in analyzing code, testing security hypotheses, and developing tools that fortify web applications and their underlying infrastructure. Your role will involve close collaboration with various teams within Information Security, providing technical leadership and strategic guidance to enhance security practices across Chime. You'll gain firsthand insights into the inner workings of Chime, empowering you to discover novel attack vectors and fortify our services and processes.As part of a small, dedicated team, you will engage in ambitious projects that significantly influence our members and contribute to a strong security culture within the organization. We value open discussions about the challenges we face, the solutions we implement, and celebrating our achievements through public blogs and conferences. If this resonates with you, we encourage you to apply!The base salary for this role starts at $181,000 and can reach up to $250,000, depending on experience and qualifications. Full-time employees are also eligible for bonuses, a competitive equity package, and comprehensive benefits. The actual salary may vary based on your skills and expertise.

Join Our TeamAt OpenAI, we are on a mission to ensure that artificial general intelligence benefits all of humanity, and security is at the core of that mission. Our Security team works tirelessly to safeguard our technology, personnel, and products. We pride ourselves on being both technical and operational, supporting all aspects of our research and products. Our guiding principles include prioritizing impactful solutions, empowering researchers, preparing for groundbreaking future technologies, and fostering a strong security culture.About This RoleWe are on the lookout for a highly skilled Principal Offensive Security Engineer to elevate and fortify OpenAI’s security framework. This isn’t just another red team position; it's a unique opportunity to engage with our technologies, design pioneering attack simulations, collaborate with defensive security teams, and drive strategic security enhancements throughout the organization.In this role, you will not only identify vulnerabilities but also take the initiative to resolve them, automate offensive techniques using the latest technologies, and leverage your unique attacker perspective to influence our overall security strategy. Your primary focus will be on the continuous testing of our hardware products and associated services.Your ResponsibilitiesProactively collaborate with engineering teams to enhance security measures and mitigate risks across hardware, firmware, and software.Conduct thorough penetration testing on our diverse range of products.Utilize advanced automation and OpenAI technologies to streamline your offensive security practices.Present clear and compelling findings to inspire significant changes in our security posture.Shape security strategy by providing insights rooted in attacker perspectives regarding risk and threat modeling.Ideal Candidate Profile7+ years of hands-on experience or an equivalent track record of outstanding achievements in offensive security.Exceptional skills in code review with a keen eye for identifying intricate vulnerabilities.Proven expertise in evaluating complex technology stacks, including:Ability to reverse engineer bootrom images, firmware, or silicon-level components.Hands-on experience with hardware exploitation and embedded systems.

Join Anthropic as an Offensive Security Research Engineer in our Safeguards team, where you will play a critical role in identifying and mitigating security risks. Your expertise will be essential in enhancing our security protocols and ensuring the integrity of our systems. You will collaborate with cross-functional teams to develop innovative solutions that prioritize safety and security.

Join Perplexity, a pioneering organization at the forefront of AI and technology, as we seek a talented and proactive Offensive Security Engineer. In this critical role, you will be part of our innovative security team, adopting an adversarial mindset to fortify our infrastructure, applications, and AI systems. Your expertise will drive red team operations, penetration tests, and attack simulations across various environments—including our cloud infrastructure, web, and mobile applications. You will actively identify vulnerabilities before they can be exploited by adversaries, collaborating closely with engineering teams to implement effective remediations.Key ResponsibilitiesPlan and execute red and purple team engagements, simulating advanced threat actors across our cloud services (AWS, Kubernetes), endpoints, and application surfaces.Conduct thorough and ongoing penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services.Evaluate AI/ML-specific attack surfaces, tackling challenges such as prompt injection, model exfiltration, agent abuse, tool exploitation, and security boundaries of MCP.Develop and maintain custom offensive security tools, exploits, and automation to enhance the efficiency and scope of security testing.Perform open-scope adversary simulations to test detection and response capabilities, working closely with the defensive security team.Lead threat modeling sessions with engineering teams to identify and prioritize potential attack vectors in new features and architectures.Provide clear and actionable insights to both technical and executive audiences, collaborating with engineering teams to validate remediation efforts.Contribute to securing CI/CD pipelines, ensuring supply chain integrity, and managing secrets through offensive assessments.Remain informed about emerging attack techniques, vulnerability research, and adversarial tactics, bringing fresh insights to Perplexity's security strategy.

As a Senior Manager of Enterprise Security at abridge, you will play a pivotal role in safeguarding our organization's digital assets. You will lead a dedicated team in the development and implementation of comprehensive security strategies, ensuring the protection of sensitive information and compliance with industry regulations. Your expertise will drive the evolution of our security posture, leveraging cutting-edge technologies and best practices.

Asana is seeking a passionate and experienced Senior Engineering Manager, Security to lead our dynamic team in San Francisco. In this role, you will be responsible for enhancing our security infrastructure while fostering a culture of innovation and collaboration. This position involves managing a talented team of engineers, guiding them in the development and implementation of security protocols and best practices to protect our users and data.

Founded in 2007, Airbnb has transformed the way people travel, connecting over 5 million hosts with more than 2 billion guests worldwide. Our platform offers unique stays and experiences, allowing travelers to immerse themselves in local cultures and communities.The Community You Will Join:At Airbnb, we prioritize trust. The Information Security team is crucial in nurturing and fortifying the confidence our users place in our platform, which enables millions to discover the world and feel at home anywhere. This team operates as a vital cross-functional entity within Airbnb, ensuring the security of our expansive ecosystem.The Impact You'll Make:As the Senior Program Manager for Information Security, you will spearhead operational initiatives, strategic planning, and efficiency enhancements within our InfoSec organization. You will collaborate with senior leadership across InfoSec and the broader company to scale security operations in alignment with our growth trajectory.A Day in Your Role:Strategic Planning: Lead biannual planning cycles, focusing on goal setting, cross-departmental collaboration, resource allocation, and budget oversight. Innovate frameworks to prioritize and distribute workloads across teams.OKR Performance Measurement: Establish and monitor Objective Key Results (OKRs) to assess the impact of strategic projects and operational processes.Project Execution: Oversee the implementation of significant organizational projects, ensuring timely delivery and fulfillment of objectives.Operational Optimization: Refine workflows to enhance efficiency, productivity, and scalability within InfoSec. Implement automation, process enhancements, and self-service solutions while leading change management efforts.Communication: Craft comprehensive InfoSec communications for the entire company, including reports and updates tailored for engineering teams.Budget Management: Manage budgetary requirements and ensure alignment with organizational goals.

At Contrast Security, we are revolutionizing the way organizations safeguard their software in the fast-paced realm of modern development. With our industry-leading Application Detection and Response (ADR), we empower teams to detect, halt, and remediate genuine threats in real time. If you are driven by the desire to create smarter, faster, and more effective security solutions, you will find a welcoming home here.We are in search of innovative thinkers, courageous creators, and problem solvers who excel at transforming complex challenges into groundbreaking solutions.As the Senior Channel Account Manager for the West region, you will play a pivotal role in bringing our leading application security tool to the forefront of the market. We are looking for a proactive and imaginative leader to cultivate mutually beneficial partnerships with both new and existing channel business partners. This role is heavily focused on driving revenue growth and requires a strong aptitude for expanding our existing partnerships while identifying new ones that will propel the Contrast Security brand into the market. You will be accountable for a regional sales quota and will be required to travel frequently.Ideal candidates will possess a strong hunter mentality, a proven consultative selling approach, and exceptional presentation skills. We seek a talented, enthusiastic, and ambitious channel partner account manager who is ready to join our team and elevate Contrast Security to new heights. Partner account managers are crucial to the growth of our partner organizations. The primary objective of this role is to establish credibility and trust with Senior Partner Executives, fostering investments in selling and driving the growth of Contrast products. At Contrast, you will find an environment where innovation and success stem from collaborative creativity.

Join Anthropic as a Security Engineer in our Offensive Security team, dedicated to fortifying AI systems and ensuring the safety and trust of our users. In this role, you will engage in red and purple team operations, simulate advanced threat scenarios across our cloud and on-premises infrastructures, and lead penetration testing on high-value deployments. Collaborate with cross-functional teams, contribute to innovative AI-assisted security tools, and communicate your findings to both technical and executive stakeholders, translating complex attack narratives into actionable insights that shape our security strategy.

About SentryAt Sentry, we are dedicated to eradicating bad software. Our mission is to empower developers to create better software more efficiently, allowing everyone to enjoy technology once more.With over $217 million in funding and a community of more than 100,000 organizations, including industry leaders like Disney, Microsoft, and Atlassian, we are at the forefront of building performance and error monitoring tools that minimize bug fixing and maximize product development.We embrace a hybrid work model across our global teams, designating Mondays, Tuesdays, and Thursdays as in-office days to foster collaboration. If you are passionate about creating tools that enhance the digital experience, join us in developing the next generation of software monitoring solutions.About The RoleOur security team is committed to safeguarding every aspect of Sentry, from our customer data to our internal code. As a Senior Security Engineer, you will be integral to our mission of enhancing security across our application and Kubernetes platform. Collaborating with engineering teams, you will help strengthen Sentry’s cloud security posture through strategic architecture, threat modeling, and hands-on coding when necessary.Key ResponsibilitiesLead critical initiatives aimed at addressing significant security challenges, from conceptualization to execution.Collaborate on cross-departmental objectives to drive security goals forward.Conduct research and assess new technologies that can bolster our security framework with a focus on scalability.Identify vulnerabilities within our systems and data while developing and implementing robust protective measures.Support cross-functional teams in integrating security solutions that adhere to Secure-by-Design principles.Ideal Candidate AttributesDesire to be a foundational member of an agile, engineering-centric security team.Enjoy collaborating with enthusiastic security, application, platform, and infrastructure engineers eager to innovate.Passionate about advancing security practices to enhance software quality.

We are seeking a highly skilled Senior Security Engineer to join our innovative team at Decagon in San Francisco. In this pivotal role, you will be responsible for safeguarding our digital infrastructure and ensuring the security of our systems against potential threats. You will work closely with cross-functional teams to design and implement security solutions, conduct risk assessments, and develop incident response strategies.As a Senior Security Engineer, you will have the opportunity to leverage your expertise in security protocols, threat detection, and vulnerability management to enhance our security posture. Your contributions will be essential in creating a secure environment for our operations and clients.

CoreWeave is seeking a Security Engineering Manager to lead the Platform Security team. This position is based in Livingston, NJ, New York, NY, Sunnyvale, CA, Bellevue, WA, or San Francisco, CA. The team’s mission is to embed security into CoreWeave’s Kubernetes-based platform and public cloud environments, supporting high-performance infrastructure for AI and machine learning workloads. Role overview This manager will oversee and expand the Platform Security engineering team, reporting to the Senior Director of Security Foundations. The focus is on hands-on leadership and technical execution, with an emphasis on building and implementing security controls rather than policy development. The role requires close collaboration with Infrastructure, Platform Engineering, Site Reliability Engineering, and other security teams to ensure security measures keep pace with business growth and evolving needs. What you will do Lead and grow the Platform Security engineering team. Integrate security into Kubernetes infrastructure and public cloud platforms such as AWS, GCP, and Azure. Define and execute strategies for cloud security posture, workload isolation, platform guardrails, image integrity, and multi-cloud security. Develop and implement security controls across CoreWeave’s infrastructure. Work closely with other technical teams to align platform security with business needs. The Platform Security team The Platform Security team at CoreWeave engineers systems that enforce security at the infrastructure layer. Their work spans both CoreWeave’s own Kubernetes-based platform and third-party public cloud environments. The team supports GPU-accelerated infrastructure for demanding AI and machine learning workloads, ensuring that both customer and internal services remain secure as CoreWeave’s global presence expands.

About the RoleJoin our dynamic Product Security team as a Product Security Manager, where you will oversee a dedicated group focused on ensuring the security of our cloud, data, and AI systems. Your mission will be to safeguard our cloud infrastructure, protect sensitive information, and facilitate the secure use of AI technologies across our products and internal operations.You will collaborate closely with engineering, product, and data teams to ensure that cutting-edge systems, including AI-integrated features, are designed and maintained with security as a top priority. As AI technology becomes more prevalent, you will help shape strategies to utilize AI securely while mitigating risks associated with data exposure, misuse, and insecure integrations.This role requires flexibility as you and your team will navigate various security domains according to business needs within a POD model.The starting salary for this position ranges from $152,000 to $210,000, depending on experience and location. Full-time employees also enjoy a competitive bonus structure, equity options, and comprehensive benefits.

Handshake connects over 20 million knowledge workers, 1,600 educational institutions, and 1 million employers, including every Fortune 50 company, through its career network focused on the AI economy. The platform supports career discovery, hiring, and professional development for a broad range of roles, from freelance AI training to full-time positions. With rapid growth and a forecast to triple ARR by 2025, Handshake works closely with leading AI labs and major organizations. Role overview The Senior Security Engineer will lead the architecture, design, and implementation of Handshake’s enterprise identity automation and governance systems. This position shapes the long-term IAM automation strategy, develops scalable and resilient lifecycle workflows, and ensures secure-by-default identity operations across SaaS, cloud, and internal platforms. The role involves close collaboration with Security, IT Engineering, People Operations, and Product/Platform Engineering to deliver automated, auditable, and reliable identity solutions. What you will do Design, develop, and manage automated onboarding, offboarding, and access-change workflows using Okta, Workday, SCIM, and event-driven systems. Build integration layers between identity platforms and internal applications with Python, REST APIs, Webhooks, and Terraform. Implement error-handling, reconciliation logic, telemetry, and monitoring to maintain reliability of identity lifecycle events. Modernize provisioning logic and move manual processes to scalable automation frameworks. Create tooling and pipelines for version-controlled, testable, and observable IAM automation. Serve as the technical lead for Handshake’s IAM ecosystem, including Okta, Google Workspace, GCP, AWS IAM, and internal access systems. Why join Handshake Shape the future of careers in the AI economy and make a visible impact on the community. Work alongside AI labs, Fortune 500 companies, and leading educational institutions. Join a team with leadership experience from companies such as Scale AI, Meta, xAI, Notion, Coinbase, and Palantir. Contribute to a business positioned for significant revenue growth.

Join the Vanguard of Offensive SecurityBishop Fox is a premier authority in offensive security, delivering a wide array of solutions including continuous penetration testing, red teaming, attack surface management, and comprehensive assessments of product, cloud, and application security. With an impressive portfolio, we've collaborated with over a quarter of the Fortune 100, half of the Fortune 10, and eight of the top 10 global technology companies, as well as all leading global media organizations. Our managed service platform, innovative offerings, and a culture dedicated to excellence have earned us accolades from respected industry awards, including Fast Company, Inc., SC Media, and many others. For over 16 years, we've been committed to advancing the security community, contributing more than 16 open-source tools and 50 security advisories in just the last five years. Discover more at bishopfox.com or follow us on our social media channels.Who You AreThis role transcends typical engineering positions. You will become a key player in an innovative team that operates like a startup within Bishop Fox, combining the agility and rapid iteration of an early-stage venture with the robust resources and reputation of a security leader.You are a seasoned AI engineer who excels in developing real-world systems that function effectively within chaotic environments. Your focus is on reliability, evaluation, and scalability—ensuring that solutions consistently perform in production, not just once.Your MissionCreate autonomous AI agents capable of detecting genuine vulnerabilities in live applications, with the intelligence and adaptability akin to the world’s top penetration testers.

CoreWeave, a public cloud provider specializing in AI infrastructure, supports clients ranging from emerging startups to large enterprises. Since its founding in 2017, CoreWeave has experienced rapid growth and is now listed on Nasdaq (CRWV as of March 2025). More details about the company can be found at www.coreweave.com. Role overview The Senior Project Manager for Data Center Security Initiatives leads the implementation of advanced physical security systems throughout CoreWeave’s data centers. Reporting to the Senior Manager of Data Center Risk and Assurance, this role manages large-scale projects, including the deployment of Wireless Intrusion Detection Systems (WIDS) and other critical security technologies. The position works with multiple teams to ensure new security systems meet both industry standards and client needs. Main responsibilities Project management: Direct all stages of deploying new physical security solutions, such as WIDS, at several data center locations. Collaboration: Coordinate activities across the project lifecycle for security technology rollouts and operational launches, ensuring alignment with company objectives. Cross-functional teamwork This role partners with groups including Security Design and Commissioning, Networking, Security Engineering, and the Global Security Operations Center to deliver successful project outcomes. Locations CoreWeave offices are in Livingston, NJ; New York, NY; Sunnyvale, CA; San Francisco, CA; Bellevue, WA; Dallas, TX; and Richmond, VA.

About LangChainLangChain is dedicated to making intelligent agents a common part of our daily lives. We provide the essential framework for agent engineering that enables developers to transition from experimental prototypes to production-ready AI agents that organizations can depend on. Having started as widely embraced open-source tools, we have evolved to also deliver a robust platform for the development, evaluation, deployment, and management of agents at scale.Our tools, including LangChain, LangGraph, LangSmith, and Agent Builder, are actively utilized by teams delivering tangible AI products across both startups and large corporations. Millions of developers rely on LangChain to empower AI teams at renowned companies such as Replit, Clay, Coinbase, Workday, Lyft, Cloudflare, Harvey, Rippling, Vanta, and 35% of the Fortune 500.With $125M raised in our Series B funding round from prominent investors including IVP, Sequoia, Benchmark, CapitalG, and Sapphire Ventures, we are at a pivotal point of innovation, accelerating growth, and empowering every team member to have a significant impact on our products and collaborative culture. At LangChain, your contributions can truly influence how this technology integrates into the real world.About the RoleAs the hands-on security lead, you will work closely with our core product teams to ensure the security of agent workloads from end to end, encompassing everything from SDK to LangSmith/Graph services and customer integrations. You will be responsible for defining our security roadmap, achieving immediate hardening wins, and elevating the standards for how AI infrastructure is secured in production. We are seeking engineers with expertise in either cloud/infrastructure security or application security (expertise in both is a significant advantage!).Lead product & platform security: Design and implement application/infrastructure security controls across LangSmith, LangGraph, and the LangChain SDK ecosystem (Python/TS/Go).Implement secure-by-default authentication and authorization: Enhance SSO/SAML/OIDC/SCIM, manage token lifecycles, establish service-to-service authentication, and ensure tenant isolation for both cloud and self-hosted customers.Vulnerability management: Oversee scanning, triage, and patching SLAs; coordinate with engineering teams to ensure swift remediation without delaying delivery.Develop secure code, conduct reviews, and create tools: Implement secure design principles, write pull requests, execute penetration tests, and introduce lightweight checks (linters, dependency/supply-chain scanning, SBOM/SLSA provenance) to facilitate security at scale.Enhance hardening & operations: Focus on network segmentation/Zero Trust, Kubernetes posture management, secrets management, key rotation, least-privilege IAM, and egress controls.