Threat Engineer

Job Description: We are a lean, fast-paced organization where security is paramount, but engineering velocity is sacred. We are looking for a highly adaptable Threat Engineer to take charge of our external attack surface, offensive security oversight, and human risk programs. In this role, you will act as the critical bridge between external threat landscapes and our internal engineering teams. You will operate our incoming threat intelligence, manage our corporate domain portfolio, coordinate our crowdsourced bug bounty program, and provide technical oversight for our outsourced penetration testing. Your job is to identify, validate, and ensure the neutralization of external threats and vulnerabilities before they impact our platform or our B2B trust. Who you’re committed to being: A Self-Starter with Radical Ownership:  You don't wait for a ticket to tell you something is wrong. You hold the authority to detect gaps and resolve them. A Technical Translator:  You can interpret a complex exploit payload or an unprocessed intelligence report and convert it into actionable requirements for a developer. A Balanced Pragmatist:  You understand that secure shouldn't mean slow. You strive to integrate security into the engineering workflow rather than obstructing it. A Diligent Gatekeeper:  You hold external vendors and researchers to a high standard, ensuring that every pentest and bug bounty report adds genuine value to our security posture. Analytically Rigorous:  You enjoy the hunt—whether it's tracking down a typosquatted domain or reproducing a sophisticated OWASP Top 10 vulnerability. What you’ll do: Offensive Security & Bug Bounty Oversight Govern Penetration Testing:  Manage outsourced penetration testing programs, ensuring scopes align with compliance and business risk. Act as the primary technical point of contact to unblock vendors and ensure rigorous testing. Audit Remediation:  Oversee the vulnerability pipeline, ensuring findings are accurately translated into Jira tickets and tracking developer SLAs through to resolution. Triage Bug Bounties:  Act as the first line of defense for our crowdsourced vulnerability disclosure program; reproducing and validating exploit reports from external researchers. Threat Intelligence & Brand Protection Monitor & Analyze:  Daily triage of our Threat Intelligence Platform (TIP) for credential exposures and active exploits. You’ll translate raw intelligence into proactive defensive measures. Domain Administration:  Serve as the primary admin for our Enterprise Domain Management platform, handling registrations, renewals, and DNS security (DNSSEC, DMARC, etc.). Takedown Management:  Actively monitor for typosquatting and brand impersonation, initiating takedowns when malicious intent is confirmed. Human Risk & Awareness Phishing Simulations:  Design and analyze organizational phishing campaigns to improve employee resilience. Incident Escalation:  Serve as the lead investigator for user-reported phishing and social engineering attempts. Experience you’ll bring: Vulnerability Validation:  Proven hands-on experience in manually assessing web application and cloud vulnerabilities. You should be comfortable reading code and executing payloads. Program Management:  Strong organizational discipline to manage external vendors and audit contractor workflows without needing direct authority. Technical Breadth:  A solid understanding of DNS configurations, web architectures, and how threat actors pivot through an external attack surface. Strategic Thinking:  Experience working on problems of diverse scope where you must devise solutions based on limited information or precedent. Preferred certifications: Threat Intelligence & Defense:  GIAC Cyber Threat Intelligence (GCTI), CompTIA Cybersecurity Analyst (CySA/SecurityX).  Offensive Security & AppSec:  GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Professional (OSCP), or CompTIA PenTest.  Se ... (truncated, view full listing at source)