Senior Security Engineer - Offensive Security en Plaid
Plaid · New York, United States Of America · Hybrid
- Oficina en New York
We believe that the way people interact with their finances will drastically improve in the next few years. We’re dedicated to empowering this transformation by building the tools and experiences that thousands of developers use to create their own products. Plaid powers the tools millions of people rely on to live a healthier financial life. We work with thousands of companies like Venmo, SoFi, several of the Fortune 500, and many of the largest banks to make it easy for people to connect their financial accounts to the apps and services they want to use. Plaid’s network covers 12,000 financial institutions across the US, Canada, UK and Europe. Founded in 2013, the company is headquartered in San Francisco with offices in New York, Washington D.C., London and Amsterdam.
The Platform Security (PlatSec) team protects Plaid’s corporate and production environments, spanning endpoint and infrastructure security as well as detection and response. We work to minimize the risk of compromise by hardening laptops and production services, identifying attacks early, and responding decisively when issues arise.
As the founding member of Plaid’s red team, you will establish and define our offensive security program. You’ll determine which types of operations we should run in both the short and long term, and then carry them out, shifting between strategic planning and hands-on technical work throughout the year. You’ll partner with stakeholders to understand the issues you uncover, both high level and granular, and to incorporate the red team’s work into day-to-day operations and long-term planning. You’ll communicate findings to stakeholders at all levels, including the C-team.
Over the next few years, you’ll help grow the team by interviewing candidates for new roles and potentially stepping into a management or TL position.
Responsibilities
- Establish a charter and framework for Plaid’s offensive security program.
- Conduct red team operations against corp and prod infrastructure to identify previously unknown problems and assess the state of Plaid’s security. These may include goal-oriented and adversary emulation exercises.
- Communicate findings to stakeholders and follow up to ensure appropriate resolution, with the aid of existing planning and risk mitigation processes.
- Serve as the primary owner for red teaming at Plaid.
Qualifications
- 5+ years of experience in offensive security roles
- Experience leading individual offensive security/red team operations
- Comfortable operating independently and defining your own direction
- Comfortable communicating with a wide range of technical and non-technical stakeholders
- [Nice to Have] Experience leading an offensive security/red team program
- [Nice to Have] Experience developing a new offensive security/red team program
- [Nice to Have] OSCP and/or OSCE certification
The target base salary for this position ranges from $207,600/year to $310,800/year [in Zone 1, in Zone 4 or encompassing all Zones]. The target base salary will vary based on the job's location.
Our geographic zones are as follows:
Zone 1 - New York City and San Francisco Bay Area
Zone 2 - Los Angeles, Seattle, Washington D.C.
Zone 3 - Austin, Boston, Denver, Houston, Portland, Sacramento, San Diego
Zone 4 - Raleigh-Durham and all other US cities
The base salary range listed for this full-time position excludes commission (if applicable), equity and benefits. The pay range shown on each job posting is the minimum and maximum target for new-hire salaries. Actual pay may be higher or lower depending on factors like skills, experience, and relevant education or training.
Our mission at Plaid is to unlock financial freedom for everyone. To support that mission, we seek to build a diverse team of driven individuals who care deeply about making the financial ecosystem more equitable. We recognize that strong qualifications can come from both prior work experiences and lived experiences. We encourage you to apply to a role even if your experience doesn't fully match the job description. We are always looking for team members that will bring something unique to Plaid!
Plaid is proud to be an equal opportunity employer and values diversity at our company. We do not discriminate based on race, color, national origin, ethnicity, religion or religious belief, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, military or veteran status, disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws. Plaid is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance with your application or interviews due to a disability, please let us know at [email protected].
