Senior Security Engineer (Pen Tester)

Conduct penetration testing and infrastructure reviews in a multi-cloud environment.

• •Menlo Security is seeking a Senior Security Engineer to focus on offensive and defensive security, penetration testing, and cloud architecture.
• •The role involves working in a multi-cloud environment and conducting rigorous infrastructure reviews.
• •Key Responsibilities Collaborative Penetration Testing (AWS & GCP) Control Plane: Review IAM policies, service configurations, and cloud-native permission structures Data Plane & Web UI: Execute dynamic testing against web interfaces and API endpoints Infrastructure Review: Assess the security posture of a hybrid infrastructure that mixes containers and Virtual Machines (VMs) infrastructures Vulnerability Reporting & Advisory: Triaging findings and creating clear, reproducible proofs-of-concept (PoCs) AI-Augmented Security Assessments: Utilize AI and Large Language Models (LLMs) to automate reconnaissance, generate attack vectors, analyze configurations, and draft vulnerability reports Pipeline Management: Monitor bug bounty pipelines and external reports, validating findings and managing researcher communication Requirements Multi-Cloud Fluency: Deep architectural understanding of GCP and AWS Experience with IAM policies, service configurations, and cloud-native permission structures Experience with dynamic testing against web interfaces and API endpoints Experience with assessing the security posture of hybrid infrastructures Experience with triaging findings and creating reproducible proofs-of-concept (PoCs) Experience with AI and Large Language Models (LLMs) for security assessments Experience with monitoring bug bounty pipelines and managing researcher communication