Company Industry: Financial Technology
Work Type: Hybrid (Manhattan)
Glocomms is partnered with a FinTech firm dedicated to providing secure and innovative solutions for digital asset management. The Product Security team is committed to maintaining the highest standards of security to protect clients' assets and ensure a safe and reliable platform for trading and investment.
The ideal candidate will have a deep understanding of cybersecurity principles and practices, with a focus on offensive security techniques. The Senior Offensive Security Engineer will be responsible for conducting penetration tests, developing and executing exploit scripts, and providing detailed reports on vulnerabilities and recommended remediation strategies. The role will also involve working closely with development and operations teams to ensure the security of the firm's platform and services.
Primary Responsibilities:
- Conduct thorough penetration tests of web applications and digital asset management systems, identifying vulnerabilities and developing exploit scripts
- Perform security assessments of cloud environments, including configuration reviews and vulnerability assessments
- Develop and maintain automated security testing tools and scripts, including SAST and DAST, to enhance the efficiency and effectiveness of security testing
- Collaborate with other security teams to identify and address security gaps
- Stay up-to-date with the latest cybersecurity trends and threat intelligence, especially in the fintech and digital asset space
Key Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related field
- 5+ years of experience in cybersecurity, with a focus on offensive security
- Strong understanding of web application security principles (e.g., OWASP Top 10)
- Experience with cloud security principles and best practices (e.g., AWS, Azure, GCP)
- Proficiency in at least one programming language (e.g., Python, Ruby, PowerShell)
- Experience with automated security testing tools (e.g., Nessus, Qualys, Burp Suite, SAST and DAST tooling)
- Experience in the FinTech or digital asset space is highly desirable
- Excellent written and verbal communication skills
- At least one relevant certification (OSCP, OSCE, OSWA, etc.) is required
Benefits:
- Competitive salary and benefits package
- Opportunities for professional development and training
- Collaborative and innovative work environment
- Flexible work arrangements
This is a hybrid position with the expectation of 1-2 days per week on-site in Manhattan. Candidates must be local to the New York City area or willing to relocate upon offer acceptance. Relocation assistance may be provided as necessary.
This is a full-time, direct hire position and cannot accommodate candidates seeking C2C or C2H employment.