R
Posted 9 hours ago
Staff Security Engineer
RogoStaff Security Engineer, Product
Requirements
Professional penetration testing experience, Strongly typed language proficiency (Rust, Go, Java, C++), Scripting skills (Python, Bash), Cloud infrastructure knowledge (AWS/GCP), Security automation and CI/CD integration
Skills
Penetration TestingPythonAWS
About the role
Responsibilities
- Conduct hands-on penetration testing and red team assessments against applications, APIs, AI/ML pipelines, and cloud environments
- Build agentic security tooling to autonomously find, validate, and patch vulnerabilities
- Develop custom offensive tooling, exploit chains, and attack simulations tailored to AI architecture
- Perform adversarial testing of AI-specific attack surfaces including prompt injection and model manipulation
- Design and execute threat modeling sessions with engineering teams
- Contribute directly to backend codebases to fix vulnerabilities and harden authentication flows
- Lead purple team exercises to test detection and response capabilities
- Manage relationships with external penetration testing firms
Requirements
- Professional penetration testing experience across web apps, APIs, and cloud environments
- Experience writing real exploits and developing custom security tools
- Professional development experience in strongly typed languages such as Rust, Go, Java, or C++
- Proficiency in scripting languages like Python or Bash
- Experience with Burp Suite, Nuclei, Semgrep, and custom fuzzing frameworks
- Experience integrating automated security checks (SCA, SAST, DAST) into CI/CD pipelines
- Proficiency with infrastructure automation tools like Terraform and Kubernetes
- Knowledge of threat modeling, cryptography, and compliance frameworks (SOC 2, ISO 27001)
Preferred Qualifications
- Offensive security certifications such as OSCP, OSWE, GXPN, GWAPT, or CPTS
- Experience testing multi-tenant SaaS platforms in regulated industries like financial services
- Hands-on cloud penetration testing experience in AWS or GCP
- Kubernetes security testing expertise
- Proven bug bounty track record or published CVEs
About the Company
Rogo is transforming global finance by empowering professionals at top investment banks and private equity funds with AI that delivers unparalleled speed, accuracy, and insight. We are building the future of enterprise AI for the financial industry.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeStaff Security Engineer
Rogo · New York City
