openashbyhqcongruentvc
Sr. Offensive Security Engineer
SPAN
LocationSan Francisco
EmploymentFullTime
Posted2026-06-03T22:39:11.347+00:00
Last observed2026-06-29 02:03:20.761073
Job idcongruentvc-span:ashbyhq:2d9d5520-ed92-4e47-938c-aa664d9f5f01
OUR MISSION SPAN is enabling electrification for all ⚡ WE ARE A MISSION-DRIVEN COMPANY DESIGNING, BUILDING, AND DEPLOYING PRODUCTS THAT ELECTRIFY THE BUILT ENVIRONMENT, REDUCE CARBON EMISSIONS, AND SLOW THE EFFECTS OF CLIMATE CHANGE. - Decarbonization is the process to reduce or remove greenhouse gas emissions, especially carbon dioxide, from entering our atmosphere. - Electrification is the process of replacing fossil fuel appliances that run on gas or oil with all-electric upgrades for a cleaner way to power our lives. AT SPAN, WE BELIEVE IN: - Enabling homes and vehicles powered by clean energy - Making electrification upgrades possible - Building more resilient homes with reliable backup - Designing a flexible and distributed electrical grid THE ROLE We are looking for a hands-on individual with an offensive security engineering mindset to join us as a Senior Offensive Security Engineer (Threat & Response) as part of the Security team at SPAN. In this role, you will act as our internal ethical hacker, conducting full-scope, threat intelligence-informed adversary emulations across our cloud infrastructure, proprietary applications, and corporate IT assets. We are looking for someone who can continuously simulate real-world cyber attacks to identify vulnerabilities before malicious actors do, while seamlessly leading the full Technical Incident Response (IR) lifecycle, from initial triage and containment through to eradication and post-incident recovery, when security events occur. WHAT YOU’LL DO (RESPONSIBILITIES) - Execute full-scope adversary emulations against any valuable objectives across SPAN's cloud environments , proprietary web/mobile applications, APIs, and corporate IT infrastructure. - Lead Technical Incident Response operations during live security events, leveraging your understanding of attacker TTPs to direct rapid containment, threat eradication, and system recovery. - Provide a crucial feedback loop to our Cloud Infrastructure and Software Engineering teams by translating offensive findings into proactive detection rules and actionable hardening requirements. - Own the end-to-end VDP pipeline, serving as the primary internal owner for our public vulnerability disclosure channel, managing communications with external researchers, and validating incoming reports. - Build automated scripts and tools to streamline continuous internal security testing, vulnerability scanning, and VDP triage workflows - Utilize frameworks like MITRE ATT&CK to design and execute red team scenarios that rigorously test the organization’s live detection capabilities, defense evasion thresholds, and IR readiness. - Develop and maintain Incident Response playbooks and runbooks to standardize our technical response to cloud, application, and infrastructure breaches. - Conduct root-cause analysis and digital forensics post-incident to reconstruct attacker timelines, identify Indicators of Compromise (IoCs), and perform comprehensive post-incident reviews. WHAT YOU’LL BRING (QUALIFICATIONS) - Experience: 6+ years of professional experience in offensive security (penetration testing, red teaming), dedicated technical incident response, or a closely related field. - Incident Response (IR) Mastery: Demonstrated experience executing the full IR lifecycle (e.g., NIST SP 800-61 or SANS frameworks) and managing critical security breaches under high-pressure conditions. - DFIR & Log Analysis: Strong capability in parsing complex log data, analyzing system telemetry, and leveraging forensics techniques to track adversarial movement across a network. - Cloud Security: Advanced hands-on experience exploiting and securing modern cloud infrastructure , containerized environments (Docker/Kubernetes), and complex IAM policies. - Application Hacking: Deep technical expertise in web application and API security, including a masterful understanding of the OWASP Top 10 and complex business logic flaws. - Automation & Scripting: Decent programming proficie
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.