Principal Offensive Cloud Security Engineer
Remote, USA•United StatesNorth America•April 24, 2024
Uptycs builds best-in-class cloud security products that leverage lightweight tools, built on open source software, to collect everything that can help detect, understand, and mitigate a wide variety of security problems. We run on laptops and cloud workloads, monitor Kubernetes and serverless containers, analyze AWS/GCP/Azure configuration and CloudTrail events, emulate threat actor behavior in cloud, containers, network, Windows, and Linux environments - you name it! We feed it into a cloud-based security analytics platform that provides comprehensive visibility, threat detection, posture management, remediation, vulnerability management and compliance tracking. We analyze petabytes of data, process millions of events per second, and run a control plane that enables continuous scanning for vulnerabilities, misconfigurations, and APT malware on all major cloud providers and hundreds of thousands of macOS, Linux, and Windows endpoints. Uptycs enables security professionals at companies such as Comcast, Flexport and Lookout to quickly prioritize, investigate, and respond to potential threats across a company's entire attack surface.We’re looking for a talented Principal Cloud Security Engineer who is well-versed in red team/offensive security. The right candidate will be knowledgeable, have hands-on offensive cloud security experience, passionate about cloud security threats, energetic, thrive in a fast-paced environment, and work well in an agile team atmosphere. As part of a fast growing engineering organization, you’ll be working alongside technical product managers and security engineers who have passion for building highly scalable software products. Your R&D offensive cloud security threat contributions will be critical to shaping our overall cloud security and compliance product strategy on Azure and GCP.
What You'll Do:
- Perform full exploitation of multiple cloud environments
- Research, validate, and document new & existing attack vectors targeting Azure and GCP platforms
- Research and identify threats to previously identified cloud vulnerabilities
- Research, validate, and maintain relevant tools needed for red team operations
- Stay up-to-date with attacker techniques and tools
- Work closely with security engineering and technical product management to translate technical security requirements into business security requirements, and vice-versa
- Collaborate with senior technical leaders across engineering, infrastructure and other organizations to solve complex problems and deliver end-to-end solutions
- Have autonomy to move in many different directions
What We're Looking For:
- 5+ years of experience in a cloud security red team role
- Solid understanding and experience with Azure and GCP, specifically with their security-related products and services and how to exploit them
- Familiarity & hands-on experience with effectively using offensive tools and platforms such as ROADtools, PowerZure, Stormspotter, AzureHound, MicroBurst, ScoutSuite, Kali Linux
- Ability to use these tools to scan, enumerate, exploit, and move laterally
- Deep knowledge of tactics (privilege escalation; lateral movement; exfiltration, etc.) and techniques used by threat actors across cloud, containers, network, Windows, and Linux resources
- Expertise performing threat modeling and design reviews to assess security implications for Azure and GCP
- Lead technical viewpoints and make prudent technical risk decisions
- Ability to influence business and technology direction
- Strong operation security skills
- Align teams and orgs towards simple, coherent security designs
- Aptitude to quickly come up to speed on new technology concepts
- A passion for resourceful and creative problem-solving
- Strong interpersonal and communication skills; ability to work in a team environment
- Naturally gravitate towards thinking like a threat actor would!