[Remote] Product Security (Vulnerability Research & Offensive Security) Engineer
Note: The job is a remote job and is open to candidates in USA. netPolarity, Inc. is seeking a Senior Product Security Engineer with a strong technical research background in vulnerability research and offensive security. The role focuses on proactively discovering and validating complex attack paths within the client product ecosystem, providing insights to enhance security measures and leverage AI-driven engineering.ResponsibilitiesAttack Path Discovery: Partner with Security Architects to identify and technically validate potential exploit sequences. You will engineer proofs-of-concept to demonstrate how individual vulnerabilities can be linked to create significant product exposureImpact Analysis: Perform deep-dive technical research to determine the exact “blast radius” of a vulnerability. You will be responsible for identifying exactly which products and versions are impacted and what specific data or services are at riskProactive Defense: Translate offensive research into preventative measures, providing Engineering teams with the technical evidence and architectural guidance needed to implement robust, long-term mitigationsAI-Enhanced Security Engineering: Explore and implement AI-driven automation to enhance our discovery and analysis capabilities. You will use emerging technologies to scale the identification of complex vulnerability patterns across the stackTechnical Advocacy: Serve as a senior technical subject matter expert during high-stakes triage, helping stakeholders understand the practical reality of threat through evidence-based technical analysis and exploit modelingSkillsTechnical Research Background: 6-9 years of experience in Product Security Engineering, Vulnerability Research, or Offensive Security, with a focus on deconstructing complex software systemsArchitectural Mindset: A talent for 'Attack Path Thinking', you can look at a complex architecture and identify how a minor logic flaw could lead to a major compromiseTechnical Depth: A strong understanding of software vulnerabilities (logic flaws, memory corruption, auth bypasses) and how they manifest in cloud-native and hybrid-cloud environmentsAI/ML Curiosity: Experience or a strong interest in using AI-driven tools to scale security engineering and automate the discovery of sophisticated vulnerability patternsCollaborative Inquiry: An ability to work as peer with Architects and Developers, using technical data and research to build consensus on remediation pathsExperience with reverse engineering or high-level exploit development in a research-focused environmentFamiliarity with 'Graph-based' security analysis (mapping relationships between assets, permissions, and vulnerabilities)Contributions to the security community, such as tool development, technical whitepapers, or responsibility disclosed CVEsExperience in a distributed engineering environment where technical evidence is the primary driver of security prioritizationBenefitsJob Location - San Jose, California - W2 role - 100% remote with 10 hours overtime/week allowedCompany OverviewnetPolarity, a subsidiary of Saicon, is a certified Woman and Minority-Owned Business Enterprise, a leading full-service workforce solutions provider delivering contingent workforce staffing, payrolling, temp-to-hire and direct-hire services to Fortune 500 companies nationwide. It was founded in 2000, and is headquartered in Campbell, California, USA, with a workforce of 201-500 employees. Its website is http://netpolarity.com.Company H1B SponsorshipnetPolarity, Inc. (Saicon Consultants, Inc.) has a track record of offering H1B sponsorships, with 2 in 2021, 1 in 2020. Please note that this does not guarantee sponsorship for this specific role.