Offensive Security Engineer - Cloud



Posted on Thursday, November 23, 2023

Offensive Security Engineer - Cloud

Category Engineering Description

NetSPI is a dynamic cyber security company headquartered in Minneapolis. We are the global leader in offensive security, delivering the most comprehensive suite of penetration testing, attack surface management, and breach and attack simulation solutions. Our global cybersecurity experts are committed to securing the world’s most prominent organizations, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.

NetSPI is constantly growing and looking for innovative minds to join us in helping some of the largest organizations in the world protect their technology and data from cyber criminals. We are on an exciting journey to redefine the offensive security market with a platform driven approach that will address our customers’ most pressing security challenges. If you thrive in a collaborative setting and enjoy working with best-in-class technology – we want to meet you!

Join the mission as an Offensive Security Engineer. In this role, you will be working on the Breach and Attack Simulation team at NetSPI. You will be responsible for designing, developing, and maintaining components and modules associated with the Breach and Attack Simulation platform. NetSPI’s Breach and Attack Simulation Platform provides customers with the means to keep up to date with emerging attack techniques, simulate attacker behavior, and monitor/measure their ability to detect those behaviors over time.


  • Designing, developing, and maintaining Breach and Attack Simulation Platform components and modules.
  • Working with a geographically distributed team of various experience levels.
  • Delivering high quality technical solutions to stakeholders in a fast-paced environment.
  • Developing solutions in accordance with industry standards and best practices.

Minimum Qualifications:

  • Strong experience with one or more of the top three cloud providers. AWS, Azure, and GCP.
    • Cloud security industry standards and best practices (CSA CCM, CIS benchmarks, etc.)
    • Operations and maintenance of cloud security technology stack (CSPM, CWPP, CIEM, Cloud native features like GuardDuty, AWS Config, Amazon Inspector, Azure Sentinel, etc.)
  • Web application API and microservices development
  • Experience with .Net.
  • Knowledge of common security flaws and mitigations as published by OWASP, SANS, etc.
  • Offensive security experience.

Preferred Qualifications:

  • Cloud penetration testing experience, to include exploitation.
  • Management of cloud environments.
  • Experience securing cloud environments against modern threats.
  • Knowledge of detective controls available in cloud environments
  • Strong understanding of the Windows Operating System and Subsystems.
  • The ability to work with undocumented Windows functions comfortably.
  • Experience with Linux API program.
  • Strong experience with systems programming (Win32 APIs).
  • Command & Control (C2) Development.
  • Exploit Development.


Location Remote About the Organization NetSPI is a fast-growing, dynamic cybersecurity company headquartered in the North Loop of Minneapolis. As the leader in vulnerability orchestration and security testing, we're continually growing, and we pride ourselves on keeping absolutely current and cutting-edge in everything we do. Email None Specified
supervisorUID None Specified

This position is currently accepting applications.