Red Team Security Engineer- Staff

Job Overview

Join the Front Lines of Cybersecurity at Intuit

Are you a highly skilled security researcher with a passion for offensive security? Do you thrive on the challenge of identifying and exploiting vulnerabilities before malicious actors do? If so, we invite you to join Intuit's dynamic cybersecurity team and play a crucial role in safeguarding our vast attack surface.

As an Offensive Security Engineer, you will leverage your expertise in exploit development, vulnerability research, and security automation to proactively identify and mitigate security risks across Intuit's global infrastructure. You will collaborate with a team of elite security professionals, working on cutting-edge technologies and contributing to the security of millions of customers.

Why Intuit?

• Make a Real Impact: Contribute to the security of a globally recognized company and protect millions of customers from cyber threats.
• Cutting-Edge Technology: Work with the latest security tools and technologies in a dynamic and challenging environment.
• Professional Growth: Benefit from ongoing learning opportunities, mentorship, and career development programs.
• Collaborative Culture: Join a passionate and supportive team dedicated to innovation and excellence in cybersecurity.

Join us and help shape the future of security at Intuit!

Responsibilities

What You'll Do

• Exploit Development Expertise: Serve as a subject matter expert in exploit development, focusing on OWASP Top 10 vulnerabilities and emerging threats.

• Security Tooling: Collaborate with offensive security teams to onboard, track, and maintain automated exploits and security tools.

• Vulnerability Research: Conduct in-depth vulnerability research on Intuit's attack surface, developing proof-of-concept exploits and novel offensive security tactics, techniques, and procedures (TTPs).

• Threat Intelligence: Stay abreast of industry best practices, threat intelligence, and emerging attack vectors, applying this knowledge to enhance Intuit's security posture.

• Security Automation: Develop and implement security automation techniques and solutions to streamline processes and improve efficiency.

• Collaboration and Communication: Work closely with cross-functional teams, including security researchers, engineers, and product managers, to share knowledge, collaborate on solutions, and effectively communicate security risks.

• Cloud Security: Leverage your expertise in AWS cloud technologies (EC2, S3, Lambda, CloudFormation, Athena) to secure Intuit's cloud infrastructure.

Qualifications

What You Bring to the Team

• Offensive Security Experience: 3+ years of hands-on experience in offensive security, including exploit development, vulnerability research, and penetration testing.

• Cybersecurity Foundation: 5+ years of overall experience in the cybersecurity domain, demonstrating a strong understanding of security principles and best practices.

• Exploit Development Skills: Proven expertise in developing exploits for OWASP Top 10 vulnerabilities, with a deep understanding of web, cloud, and product security.

• Vulnerability Research Acumen: Strong understanding of bug bounty methodologies, CVE research, and adversary frameworks (MITRE ATT&CK).

• Technical Proficiency: Experience with containerization technologies (Docker, Kubernetes), coding and scripting languages (Python, Bash, Javascript), and security automation solutions.

• Cloud Security Knowledge: Familiarity with AWS cloud services and security best practices.

• Agile and Collaborative: Experience working in an Agile/Scrum environment and a strong ability to collaborate effectively with diverse teams.

Preferred Qualifications

• Experience with CVE submissions and contributions to the security community.

• Experience with security testing and analysis tools.

• Strong understanding of network security and protocols.

• Excellent communication and presentation skills