Senior Offensive Security - Cybersecurity Engineer
We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do drives a transformational shift at Liberty Mutual.
This role can be remote or located at one of our onsite locations.
This opportunity requires strong knowledge of common security vulnerabilities and a keen interest in learning and advancing the tools, tactics, and techniques leveraged by the Offensive Security team. This candidate will be a part of a highly skilled team and will:
- Conduct application, cloud, network, and infrastructure penetration tests to identify and/or validate vulnerabilities and attack chains.
- Design/build scripts, tools, or methodologies to enhance offensive capabilities.
- Effectively communicate findings, attack paths, and recommendations to technical and executive stakeholders through written reports and verbal presentations.
- Collaborate with diverse business partners to ensure the impact of the risk is understood, managed, and remediated.
- Able to take on special assignments that may require additional on-the-fly learning.
- Ability to multi-task with various engagements that range in technical and non-technical capabilities.
- Participate in Purple Team activities with defenders in the organization, working collectively to develop defensive use cases rapidly.
- 2-7 years performing Offensive Security operations in an enterprise environment
- Demonstrated expertise in Offensive Security such as: CVEs, bug bounties, CTFs, or independent security research
- Certification such as: OSCP, OSWE or the ability to obtain within 6 months
- Excellent written, verbal, and interpersonal skills with the ability to adapt messaging to executive, technical, and non-technical audiences
- Deep knowledge in at least one programming/scripting language (Python, C/C++, PowerShell, etc.)
- Experienced and skilled with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, Bloodhound, Impacket Suite, etc)
- Offensive Security experience in cloud technologies (AWS/Azure)
- Exploitation and/or OffSec research experience of containerization technologies
- Deep knowledge in analyzing and debugging API frameworks
- Experienced in presenting technical analysis of security research or technical topics in the form of presentations, webinars, formal publications, white papers, or blog posts
- Ability to work autonomously, meet deadlines, and deliver impactful results.
At Liberty Mutual, our purpose is to help people embrace today and confidently pursue tomorrow. That's why we provide an environment focused on openness, inclusion, trust and respect. Here, you'll discover our expansive range of roles, and a workplace where we aim to help turn your passion into a rewarding profession.
Liberty Mutual has proudly been recognized as a Great Place to Work by Great Place to Work US for the past several years. We were also selected as one of the 100 Best Places to Work in IT onIDG's Insider Pro and Computerworld's 2020 list. For many years running, we have been named by Forbes as one of America's Best Employers for Women and one of America's Best Employers for New Graduatesas well as one of America's Best Employers for Diversity. To learn more about our commitment to diversity and inclusion please visit: https://jobs.libertymutualgroup.com/diversity-inclusion
We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: https://LMI.co/Benefits
Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law.