Squarespace
Squarespace is seeking a Staff Red Team Engineer to join our Security team. In this role, you will act as a senior individual contributor, emulating real-world threats to test our defenses and strengthen our security posture. This position requires deep technical expertise, the ability to work independently on complex engagements, and a passion for finding innovative ways to bypass security controls. You will be a key contributor to the team's success, helping mature our offensive security capabilities. You will also need excellent communication skills to work with internal teams to describe vulnerabilities you find and work with the teams directly to address them. This position reports into the VP of Security and can be based remotely in the United States.
What You’ll Get To
Execute Red Team Operations: Plan, scope, and execute sophisticated red team engagements to test the effectiveness of our security controls and incident response capabilities.
Technical Expertise: Conduct advanced penetration testing, exploit development, and research to identify and exploit vulnerabilities in our systems, applications, and infrastructure.
Cross-Functional Collaboration: Partner with Engineering, Product, and other stakeholders to provide actionable insights and recommendations for improving our security posture.
Tooling and Automation: Develop and maintain custom tooling and scripts to automate attack techniques and enhance operational efficiency.
Reporting and Communication: Write detailed reports on operation goals, outcomes, and findings. Clearly and concisely communicate complex technical information to various stakeholders.
Stay Ahead of Threats: Stay current on the latest tactics, techniques, and procedures (TTPs) used by adversaries and integrate this knowledge into our red team exercises.
Who We’re Looking For
A minimum of 8+ years of experience in cybersecurity, with a strong focus on offensive security roles such as red teaming, penetration testing, or vulnerability research.
Expertise in exploiting vulnerabilities in web applications, networks, and cloud environments (AWS and GCP).
Strong understanding of cybersecurity frameworks such as MITRE ATT&CK, NIST, and OWASP.
Proficiency in scripting and programming languages, such as Python, Go, or Java.
Demonstrated ability to think like an adversary and apply an adversarial mindset to complex systems.
Excellent written and verbal communication skills, with the ability to articulate complex topics clearly and effectively.
Benefits & Perks
A choice between medical plans with an option for 100% covered premiums
Fertility and adoption benefits
Access to supplemental insurance plans for additional coverage
Headspace mindfulness app subscription
Global Employee Assistance Program
Retirement benefits with employer match
Flexible paid time off
20 weeks for parental leave and up to 12 weeks to care for an ill family member
Pretax commuter benefit
Education reimbursement
Employee donation match to community organizations
8 Global Employee Resource Groups (ERGs)
Dog-friendly workplace
Free lunch and snacks
Private rooftop
Hack week twice per year
Cash Compensation Range: $170,000 - $299,000 USD
Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customers, but we also work toward the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We are proud to be an equal opportunity workplace.
Seniority Level Mid-Senior level
#J-18808-Ljbffr
What You’ll Get To
Execute Red Team Operations: Plan, scope, and execute sophisticated red team engagements to test the effectiveness of our security controls and incident response capabilities.
Technical Expertise: Conduct advanced penetration testing, exploit development, and research to identify and exploit vulnerabilities in our systems, applications, and infrastructure.
Cross-Functional Collaboration: Partner with Engineering, Product, and other stakeholders to provide actionable insights and recommendations for improving our security posture.
Tooling and Automation: Develop and maintain custom tooling and scripts to automate attack techniques and enhance operational efficiency.
Reporting and Communication: Write detailed reports on operation goals, outcomes, and findings. Clearly and concisely communicate complex technical information to various stakeholders.
Stay Ahead of Threats: Stay current on the latest tactics, techniques, and procedures (TTPs) used by adversaries and integrate this knowledge into our red team exercises.
Who We’re Looking For
A minimum of 8+ years of experience in cybersecurity, with a strong focus on offensive security roles such as red teaming, penetration testing, or vulnerability research.
Expertise in exploiting vulnerabilities in web applications, networks, and cloud environments (AWS and GCP).
Strong understanding of cybersecurity frameworks such as MITRE ATT&CK, NIST, and OWASP.
Proficiency in scripting and programming languages, such as Python, Go, or Java.
Demonstrated ability to think like an adversary and apply an adversarial mindset to complex systems.
Excellent written and verbal communication skills, with the ability to articulate complex topics clearly and effectively.
Benefits & Perks
A choice between medical plans with an option for 100% covered premiums
Fertility and adoption benefits
Access to supplemental insurance plans for additional coverage
Headspace mindfulness app subscription
Global Employee Assistance Program
Retirement benefits with employer match
Flexible paid time off
20 weeks for parental leave and up to 12 weeks to care for an ill family member
Pretax commuter benefit
Education reimbursement
Employee donation match to community organizations
8 Global Employee Resource Groups (ERGs)
Dog-friendly workplace
Free lunch and snacks
Private rooftop
Hack week twice per year
Cash Compensation Range: $170,000 - $299,000 USD
Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customers, but we also work toward the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We are proud to be an equal opportunity workplace.
Seniority Level Mid-Senior level
#J-18808-Ljbffr