Staff Offensive Security Engineer

Job Description What you'll be doing Work in a team-orientated, fast-paced, global, and flexible environment Perform penetration testing across our entire product and infrastructure Perform SaaS-based red team exercises with specific goal oriented objectives Continuously evolve your skills toward AI evaluation and knowledge based on emerging tactics, techniques and procedures related to AI agent vulnerabilities Collaborate with our AI Security, threat intelligence, threat monitoring and threat engineering teams to understand our threats, provide practical validations of threats and ensure our protections and incident response are continuously refined Provide actionable insights for our Product Development team regarding vulnerabilities What you bring to the role A deep understanding of SaaS environments including the unique security threats that apply. Strong technical understanding of LLM architectures, RAG pipelines, and agentic AI systems, including their attack surfaces, vulnerabilities, and security implications A demonstrated understanding of quantitative analysis for large scale evaluations. Excellent problem solving skills and self-motivation to learn and upskill regularly. Excellent communication skills, with the ability to actively listen, take on feedback and be a positive member of any team. Basic Qualifications: At least 7 years of professional experience in the field of offensive security. A strong knowledge of modern web application architecture and the vulnerabilities often associated with them. A strong knowledge of LLMs including their unique security threats, and how embedded vectors impact performance Proficiency in offensive security tooling such as a web proxy like Burp Suite, Nmap, Kali and a scripting language of your choice. Preferred Qualifications: Experience with AWS and its security features Experience with developing or testing AI systems at scale. Experience with AI Security tools (e.g., promptfoo, etc.) Experience with MacOS & Apple infrastructure and its security features 10 years of professional experience in the field of offensive security Professional certifications related to offensive security, including but not limited to: OSCP, CEH, CPT, GPEN, OSCE, OSWP, OSWE, OSEE, OSDA, PNPT, CPENT, CRTO, GXPN Published vulnerabilities, bug bounty reputation or other contributions to the industry Talks, conference appearances or other professional event experience The US annualized base salary range for this position is $179,000.00-$269,000.00. This position may also be eligible for bonus, benefits, or related incentives. While this range reflects the minimum and maximum value for new hire salaries for the position across all US locations, the offer for the successful candidate for this position will be based on job related capabilities, applicable experience, and other factors such as work location. Please note that the compensation details listed in US role postings reflect the base salary only (or OTE for commissions based roles), and do not include bonus, benefits, or related incentives. The intelligent heart of customer experience Zendesk software was built to bring a sense of calm to the chaotic world of customer service. Today we power billions of conversations with brands you know and love. Zendesk believes in offering our people a fulfilling and inclusive experience. Our hybrid way of working, enables us to purposefully come together in person, at one of our many Zendesk offices around the world, to connect, collaborate and learn whilst also giving our people the flexibility to work remotely for part of the week. As part of our commitment to fairness and transparency, we inform all applicants that artificial intelligence (AI) or automated decision systems may be used to screen or evaluate applications for this position, in accordance with Company guidelines and applicable law. Zendesk is an equal opportunity employer, and we’re proud of our ongoing efforts to ... (truncated, view full listing at source)