Senior Offensive Security Engineer

Department
Product Security
City
Lexington, MA, United States

The Offensive Security Team is seeking a senior offensive security/penetration tester with in-depth, technical hands-on experience.

Responsibilities

You will play a critical role in identifying vulnerability, weakness and flaws in our highly complex, large scale and extremely protected platform. Your main objective will be to break the system by white hacking and offensive contributions. You will be given full autonomy to hack what is considered to be a highly defended estate.

You will collaborate extensively with engineering, technical operations and product teams by communicating the identification of back doors and providing pivotal input in reverse engineering systems, architecture and platforms.

Requirements
Essential Skills
  •  Proven penetration testing abilities, especially in an enterprise environment. These will include the ability to use automated pen-testing tools as well as carry out manual pen testing
  •  Ability to pen-test and review web application, source code, operating system, and network security architectures; finding vulnerabilities and defining effective strategies for remediation and hardening. 
  •  Offensive/Red-team experience
  •  Proven ability to program and script in a variety of programming/scripting languages, but extensive Java knowledge and experience is essential as you will be doing manual code review of (primarily) Java code for security issues
  •  In-depth knowledge of Linux administration and tools (familiarity with Windows is also useful)
  •  Excellent team-working skills and a "can do, let's get it done" attitude is crucial
Desirable Skills
  •  Ability to design and execute automated penetration testing modules to detect vulnerabilities during build time, coming up with innovative ways to integrate security into the SDLC
  •  Threat modelling experience.
  •  Reverse Engineering and Malware research experience.
  •  Forensic Experience.
  •  A degree in computing with a strong security element (a Masters or PhD is even better, but not essential).
  •  Having ethical hacking certifications such as OSCP, CEH or CREST will be very desirable.
Rewards

We offer a highly competitive rewards and benefits package including private healthcare, dental and life coverage.  Mimecast is an entrepreneurial and high growth company which will provide the right candidate with a wealth of career development opportunities.  All Mimecasters strive on being high performers, problem solvers, and team players with passion and integrity.

An Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.