[Hiring] Offensive Security Engineer @LiveRamp

Role Description

The Offensive Security Engineer is responsible for proactively identifying, validating, and helping remediate security weaknesses across the company’s SaaS platform, which includes multiple customer-facing web applications, APIs, backend microservices, and cloud-native infrastructure deployed across a multi-cloud environment.

• Work closely with Engineering, DevOps/DevSecOps, and Product teams to ensure vulnerabilities are discovered early, reliably reproduced, documented, and remediated efficiently.
• Help lead internal offensive security initiatives (e.g., Pentest) and lead red team exercises.
• Participate in blue or purple team exercises and assess emerging exploits.
• Participate in incident response exercises when applicable and assist in maturing the company’s security posture.

Qualifications

• Bachelor's degree in Cyber Security, Computer or Software Engineering, Computer Science, Security Engineering, Information Management, Information Science, or a related technical field preferred OR equivalent experience.
• One or more of the following certifications - required:
  • Offensive Security Certification: OSCP, OSEP, or OSWE
  • Global Information Assurance Certification (GIAC): GXPN
• 5-10+ years of Offensive Security and Cloud Security experience.
• Demonstrated experience conducting network, web application, API, and cloud penetration tests across complex enterprise environments.
• Expert knowledge of OWASP Top 10 (including API).
• Experience in Cloud Vulnerability management, configuration, and validation using various tools across multi-cloud environments.
• Cloud-related certification in either AWS or GCP.
• Proficiency using both the AWS Management Console and the AWS Command Line Interface (CLI).
• Experience mentoring junior personnel in offensive security practices.
• Expert with offensive security and vulnerability scanning tools and reporting.
• Strong hands-on expertise in developing proof-of-concept (PoC) exploits to validate real-world impact of discovered vulnerabilities.
• Ability to write custom scripts or tooling in languages such as Python, Bash, or Go to support testing and exploitation.

Requirements

• Identify common classes of vulnerabilities (e.g., authentication/authorization weaknesses, logic flaws, input validation issues).
• Validate findings and provide actionable guidance to engineering teams.
• Conduct and contribute to threat modeling and design reviews.
• Maintain the internal pentest framework and update it based on industry standards where applicable.
• Work with Cloud/DevOps engineers to secure CI/CD pipelines.
• Work with containerized workloads and serverless components.
• Obtain a strong understanding of the company’s products and architecture to discover high-impact weaknesses.
• Research emerging attacks/exploits and techniques relevant to multi-cloud, SaaS, or microservice architectures.
• Scope and engineer red team exercises with defined flags, goals, and safety boundaries.
• Partner with defensive teams during purple team engagements to improve detection and response.
• Provide engineering teams with reproduction steps, risk context, and prescriptive remediation options.
• Participate in security design discussions and architecture reviews.
• Assist in automation of safe, controlled security testing.
• Develop scripts or utilities to support secure testing workflows.
• Implement and test emergent exploit tooling to support ongoing changes in the threat landscape.
• Maintain documentation for vulnerability assessments/pentest, retesting, and mitigation tracking in ITSM tooling.
• Support SOC 2, ISO 27001, and customer security questionnaires by providing validated security test evidence.

Benefits

• Work with talented, collaborative, and friendly people who love what they do.
• We host in-person and virtual events such as game nights, happy hours, camping trips, and sports leagues.
• Flexible paid time off, paid holidays, options for working from home, and paid parental leave.
• Comprehensive benefits package designed to help you be your best self in your personal and professional lives.
• 401K matching plan—1:1 match up to 6% of salary.
• Employee Stock Purchase Plan - 15% discount off purchase price of LiveRamp stock (U.S. LiveRampers).
• A comprehensive office equipment and ergonomics program.