{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/title/member-of-technical-staff-offensive-security-engineer"},"x-facet":{"type":"title","slug":"member-of-technical-staff-offensive-security-engineer","display":"Member of Technical Staff (Offensive Security Engineer)","count":1},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_81a600f4-518"},"title":"Member of Technical Staff (Offensive Security Engineer)","description":"<p>Perplexity is seeking a highly skilled Offensive Security Engineer to join our dynamic security team. The successful candidate will take an adversarial approach to hardening Perplexity&#39;s infrastructure, applications, and AI systems.</p>\n<p>You will plan and execute red team operations, penetration tests, and attack simulations across our cloud infrastructure, web and mobile applications, AI/ML pipeline, and corporate environment,finding real vulnerabilities before adversaries do and working directly with engineering teams to drive remediation.</p>\n<p>Responsibilities:</p>\n<ul>\n<li>Plan and execute red team and purple team engagements simulating advanced threat actors across cloud infrastructure (AWS, Kubernetes), endpoints, and application surfaces</li>\n<li>Conduct continuous penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services</li>\n<li>Assess AI/ML-specific attack surfaces including prompt injection, model exfiltration, agent abuse, tool-use exploitation, and MCP security boundaries</li>\n<li>Develop and maintain custom offensive tooling, exploits, and automation to improve the efficiency and coverage of security testing</li>\n<li>Perform open-scope adversary simulations that test detection and response capabilities end to end, collaborating closely with the defensive security team</li>\n<li>Drive threat modeling sessions with engineering teams to identify and prioritize attack vectors in new features and architectures</li>\n<li>Deliver clear, actionable findings to both technical and executive audiences; partner with engineering to validate remediations</li>\n<li>Contribute to the security of CI/CD pipelines, supply chain integrity, and secrets management through offensive assessment</li>\n<li>Stay current on emerging attack techniques, vulnerability research, and adversary tradecraft; bring external perspective into Perplexity&#39;s security strategy</li>\n</ul>\n<p>Qualifications:</p>\n<ul>\n<li>5+ years of hands-on experience in offensive security, red teaming, or penetration testing</li>\n<li>Deep technical expertise in at least two of: cloud security (AWS/GCP/Azure), web/API application security, Kubernetes and container security, macOS/Linux endpoint security, network penetration testing, or CI/CD pipeline security</li>\n<li>Track record of discovering impactful vulnerabilities or developing novel attack techniques in production environments</li>\n<li>Strong programming and scripting skills in Python, Go, or similar languages; comfortable writing custom tooling and exploits</li>\n<li>Experience with industry-standard offensive tools (Burp Suite, Cobalt Strike / Sliver / Mythic, Metasploit, BloodHound, nuclei, etc.) and ability to operate beyond them</li>\n<li>Excellent written and verbal communication; able to translate complex technical findings into clear risk narratives</li>\n<li>Experience assessing AI/ML systems, LLM applications, or agentic workflows for security vulnerabilities</li>\n<li>Bonus: Published security research, conference talks (DEF CON, Black Hat, BSides), CVE credits, or meaningful bug bounty contributions</li>\n</ul>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_81a600f4-518","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Perplexity","sameAs":"https://perplexity.com","logo":"https://logos.yubhub.co/perplexity.com.png"},"x-apply-url":"https://jobs.ashbyhq.com/perplexity/69fd6a56-0050-44f7-9ed2-2c3a7320908d","x-work-arrangement":"hybrid","x-experience-level":"staff","x-job-type":"Full time","x-salary-range":"$220K – $405K","x-skills-required":["cloud security","web/API application security","Kubernetes and container security","macOS/Linux endpoint security","network penetration testing","CI/CD pipeline security","Python","Go","Burp Suite","Cobalt Strike","Metasploit","BloodHound","nuclei"],"x-skills-preferred":[],"datePosted":"2026-04-24T13:15:56.086Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Francisco; London; New York City; Remote (United States); Serbia"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"cloud security, web/API application security, Kubernetes and container security, macOS/Linux endpoint security, network penetration testing, CI/CD pipeline security, Python, Go, Burp Suite, Cobalt Strike, Metasploit, BloodHound, nuclei","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":220000,"maxValue":405000,"unitText":"YEAR"}}}]}