Gong
Join to apply for the
Sr. Offensive Security Engineer
role at
Gong .
Gong empowers everyone in revenue teams to improve productivity, increase predictability, and drive revenue growth by deeply understanding customers and business trends. The Gong Revenue AI Platform captures and contextualizes customer interactions, surfaces insights and predictions, and powers actions and workflows that are essential for business success. More than 4,500 companies rely on Gong to unlock their revenue potential. For more information, visit www.gong.io.
We are seeking an experienced Offensive Security Engineer to help expand our red team. If you're excited to join a fast‑growing team and have a direct impact on a platform used by some of the biggest names in tech, we want to meet you!
In this position, you will support the efforts to ensure that ML/AI‑based solutions remain secure, foster new innovation, and work closely with our research team.
Responsibilities
Be part of Red Team operations and development within Ethical Hacking Methodologies from kickoff to remediation.
Conduct Red Team assessments against cloud environments and the enterprise threat landscape to identify vulnerabilities in software, systems, networks, and logic.
Research and verify known attacks, exploits, and security weaknesses using custom tools.
Develop accurate, comprehensive reports and presentations for both technical and executive audiences.
Lead and drive internal Red Team development of scripts, tools, or methodologies to enhance Gong’s offensive security operations.
Work with IT, R&D engineering, and DevOps teams to ensure a comprehensive secure software development life cycle program.
Assist occasionally with purple team exercises, penetration tests, and security assessments from kickoff to remediation, mentoring less experienced staff.
Assist with threat modeling with developers and architecture teams.
Build and manage a team of offensive security engineers.
Assist with Gong’s Bug Bounty program.
Prioritize features from a product security perspective.
Effectively communicate findings to stakeholders, including technical staff, executive leadership, and legal counsel.
Qualifications
5+ years of offensive security experience.
Threat modeling in a cloud environment.
In-depth knowledge of Secure SDLC.
AWS experience – a must.
Familiarity with attack frameworks and mitigation.
Experience with DAST and SAST.
Experience with application security testing tools such as Burp Suite, Corellium, or MobSF.
Experience with the MITRE ATT&CK Framework, TTP development and execution.
Experience with common C2 frameworks such as Sliver, Mythic, or Cobalt Strike.
Understanding and identification of the OWASP Top 10 vulnerabilities.
Security certifications such as GIAC’s GPEN, GXPN or Offensive Security certifications (OSCP, OSCE, OSWE or OSWA).
Perks & Benefits
Medical, dental, and vision plans tailored to you and your family.
Wellbeing Fund – flexible wellness stipend.
Mental health benefits with covered therapy and coaching.
401(k) program.
Education & learning stipend.
Flexible vacation time.
Paid parental leave.
Company‑wide recharge days each quarter.
Work‑from‑home stipend.
Salary The annual salary hiring range for this position is $122,400 – $180,000 USD. Compensation is based on factors unique to each candidate, including job‑related skills, qualifications, education, experience, and location. At Gong, we have a location‑based compensation structure, which may differ for other locations. The total compensation package may include incentive compensation, bonus, equity, and benefits.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Recruiting Safety All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.
Gong is an equal‑opportunity employer. We believe that diversity is integral to our success and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.
To review Gong's privacy policy, visit https://www.gong.io/gong-io-job-candidates-privacy-notice/ for more details.
#J-18808-Ljbffr
Sr. Offensive Security Engineer
role at
Gong .
Gong empowers everyone in revenue teams to improve productivity, increase predictability, and drive revenue growth by deeply understanding customers and business trends. The Gong Revenue AI Platform captures and contextualizes customer interactions, surfaces insights and predictions, and powers actions and workflows that are essential for business success. More than 4,500 companies rely on Gong to unlock their revenue potential. For more information, visit www.gong.io.
We are seeking an experienced Offensive Security Engineer to help expand our red team. If you're excited to join a fast‑growing team and have a direct impact on a platform used by some of the biggest names in tech, we want to meet you!
In this position, you will support the efforts to ensure that ML/AI‑based solutions remain secure, foster new innovation, and work closely with our research team.
Responsibilities
Be part of Red Team operations and development within Ethical Hacking Methodologies from kickoff to remediation.
Conduct Red Team assessments against cloud environments and the enterprise threat landscape to identify vulnerabilities in software, systems, networks, and logic.
Research and verify known attacks, exploits, and security weaknesses using custom tools.
Develop accurate, comprehensive reports and presentations for both technical and executive audiences.
Lead and drive internal Red Team development of scripts, tools, or methodologies to enhance Gong’s offensive security operations.
Work with IT, R&D engineering, and DevOps teams to ensure a comprehensive secure software development life cycle program.
Assist occasionally with purple team exercises, penetration tests, and security assessments from kickoff to remediation, mentoring less experienced staff.
Assist with threat modeling with developers and architecture teams.
Build and manage a team of offensive security engineers.
Assist with Gong’s Bug Bounty program.
Prioritize features from a product security perspective.
Effectively communicate findings to stakeholders, including technical staff, executive leadership, and legal counsel.
Qualifications
5+ years of offensive security experience.
Threat modeling in a cloud environment.
In-depth knowledge of Secure SDLC.
AWS experience – a must.
Familiarity with attack frameworks and mitigation.
Experience with DAST and SAST.
Experience with application security testing tools such as Burp Suite, Corellium, or MobSF.
Experience with the MITRE ATT&CK Framework, TTP development and execution.
Experience with common C2 frameworks such as Sliver, Mythic, or Cobalt Strike.
Understanding and identification of the OWASP Top 10 vulnerabilities.
Security certifications such as GIAC’s GPEN, GXPN or Offensive Security certifications (OSCP, OSCE, OSWE or OSWA).
Perks & Benefits
Medical, dental, and vision plans tailored to you and your family.
Wellbeing Fund – flexible wellness stipend.
Mental health benefits with covered therapy and coaching.
401(k) program.
Education & learning stipend.
Flexible vacation time.
Paid parental leave.
Company‑wide recharge days each quarter.
Work‑from‑home stipend.
Salary The annual salary hiring range for this position is $122,400 – $180,000 USD. Compensation is based on factors unique to each candidate, including job‑related skills, qualifications, education, experience, and location. At Gong, we have a location‑based compensation structure, which may differ for other locations. The total compensation package may include incentive compensation, bonus, equity, and benefits.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Recruiting Safety All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.
Gong is an equal‑opportunity employer. We believe that diversity is integral to our success and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.
To review Gong's privacy policy, visit https://www.gong.io/gong-io-job-candidates-privacy-notice/ for more details.
#J-18808-Ljbffr