TechBlocks

Principal Security Engineer

Posted 9 Days Ago
In-Office
New York City, NY, USA
Expert/Leader
The Principal Security Engineer is responsible for offensive security, focusing on red teaming, penetration testing, and validating the security posture of applications and cloud infrastructure to improve security practices.
Principal Security Engineer, Enterprise Solutions | Application & Infrastructure Security


Role Overview:
The Principal Security Engineer – Offensive Security is an internal adversarial security practitioner embedded within Enterprise Solutions (ES). The role is responsible for independently testing and validating the security posture of ES applications, data platforms, and supporting cloud infrastructure.

This is a hands-on offensive security role, not a compliance or governance function. The engineer plans and executes red team operations, penetration tests, and adversarial simulations that reflect the tactics, techniques, and procedures (TTPs) of realistic threat actors – across application code, APIs, CI/CD pipelines, AWS infrastructure, multi-tenant platform boundaries, and AI/agentic system components.

Working in close partnership with ES product engineering teams, the role provides an independent adversarial perspective on implemented controls and remediations. Findings feed directly into the continuous improvement of security practices across ES engineering and inform risk decisions made by technology and business leadership.

Success is measured by the quality and realism of engagements, the reduction of exploitable risk in production systems, and the degree to which findings drive durable security improvement – not by volume of findings or compliance artifacts.

Key responsibilities:
  • Plan and execute red team engagements and penetration tests against web applications, APIs, internal services, and AWS cloud infrastructure, scoped and executed with clear rules of engagement.
  • Simulate realistic attacker TTPs aligned with threat intelligence and frameworks such as MITRE ATT&CK (Enterprise and Cloud), tailored to the organizational threat model.
  • Perform cloud-specific attack path analysis including IAM privilege escalation, metadata service abuse, cross-account access, misconfiguration exploitation, and container or serverless escape techniques.
  • Execute CI/CD pipeline attack simulations covering supply chain compromise, secrets exposure, artifact tampering, and pipeline misconfigurations.
  • Assess and exploit vulnerabilities in authentication and authorisation mechanisms, business logic, APIs, and data handling processes.
  • Test multi-tenant platform boundaries to identify cross-tenant data access paths, context confusion, and shared-resource leakage.
Security Control Validation & Remediation:
  • Independently validate the effectiveness of security controls implemented by engineering and platform teams, providing evidence-based assessments rather than checklist verdicts.
  • Re-test remediated vulnerabilities to confirm fixes are effective and do not introduce new risks.
  • Challenge security assumptions through realistic attack simulations and communicate the business impact of exploitable gaps clearly.
Vulnerability Assessment & Research:
  • Assess AWS and cloud infrastructure through configuration review, privilege analysis, network exposure mapping, and detection gap identification.
  • Assess data layer security including database access controls, ORM injection paths, data-tier privilege abuse, and financial data exfiltration routes.
Purple Team Collaboration:
  • Partner with Security Operations and Detection Engineering during purple team exercises to evaluate detection coverage and alert quality, producing ATT&CK coverage mapping and detection gap analysis as standard outputs.
  • Develop and share attack playbooks, indicators of compromise (IOCs), and detection recommendations informed by red team findings.
  • Identify and communicate logging and monitoring gaps uncovered during engagements, with specific attention to agentic workflow and API observability blind spots.
Reporting & Communication:
  • Produce clear, professional assessment reports documenting attack narratives, findings, supporting evidence, risk ratings, and remediation recommendations – framed in terms of regulatory exposure where relevant (SOC 2, MiFID II, DORA).
Tooling & Automation:
  • Maintain and enhance the red team toolset including custom scripts, automation, and exploitation tooling aligned to the ES technology environment and threat model.
  • Develop internal tooling where commercial or open-source tools do not adequately cover ES-specific attack surfaces, particularly around agentic and multi-tenant systems.
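The CI/CD pipeline attack simulation bullet above names secrets exposure as one of its targets, and the required qualifications below ask for experience assessing secrets management posture across repositories, pipeline definitions and environment configuration. The script below is an added example of the kind of scanner used for that review; it is not TechBlocks code and the sample files, paths and variable names are constructed for the example. It combines fixed-format rules (AWS access key IDs, GitHub personal access tokens, PEM private-key headers) with a generic rule for *KEY / *SECRET / *TOKEN / *PASSWORD assignments whose literal value is long and high-entropy, which is how a secret with no recognisable prefix (an AWS secret access key, for instance) gets caught, and it counts references to a managed secret store separately because that is what a remediation should move towards. The AWS values are the documented AWS placeholder pair, not live credentials.

```python
"""Added example (not TechBlocks code): a small secrets-exposure scanner for
repository and CI/CD configuration files. All sample input is constructed."""
import math
import re
from typing import Dict, List, Tuple

Finding = Tuple[str, int, str]  # (path, line number, rule name)

# Credentials with a fixed, recognisable format.
SPECIFIC_RULES = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private-key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----"),
}
# Generic "<name containing key/secret/token/password> = <long literal>" assignment.
GENERIC_ASSIGNMENT = re.compile(
    r"(?i)(?:key|secret|token|password)\w*\s*[:=]\s*[\"']?([A-Za-z0-9+/=_-]{20,})"
)
ENTROPY_THRESHOLD = 3.5  # bits per character; random secrets sit well above this
# Indirections through a managed secret store: not findings, but worth counting.
MANAGED_REF = re.compile(r"\$\{\{\s*secrets\.|os\.environ|secretsmanager|vault\.")

# Constructed sample repository (hypothetical paths and values).
SAMPLE_FILES: Dict[str, str] = {
    ".github/workflows/deploy.yml": "\n".join([
        "name: deploy",
        "env:",
        "  AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE",
        "  AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
        "  DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}",
    ]),
    "config/settings.py": "\n".join([
        "import os",
        'DB_PASSWORD = os.environ["DB_PASSWORD"]',
        'API_TOKEN = "ghp_aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789"',
    ]),
    ".env.example": "\n".join([
        "STRIPE_KEY=changeme",
        "SESSION_SECRET=aaaaaaaaaaaaaaaaaaaaaaaa",  # long but zero-entropy placeholder
    ]),
    "deploy/id_rsa": "\n".join([
        "-----BEGIN OPENSSH PRIVATE KEY-----",
        "(not a real key; constructed placeholder)",
        "-----END OPENSSH PRIVATE KEY-----",
    ]),
}


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for the empty string)."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((s.count(c) / n) * math.log2(s.count(c) / n) for c in set(s))


def scan_line(line: str) -> List[str]:
    """Rule names that fire on one line. Specific rules win; the generic rule
    only adds a finding when no specific rule already explained the line."""
    hits = [name for name, rx in SPECIFIC_RULES.items() if rx.search(line)]
    if hits:
        return hits
    for m in GENERIC_ASSIGNMENT.finditer(line):
        if shannon_entropy(m.group(1)) >= ENTROPY_THRESHOLD:
            return ["high-entropy-assignment"]
    return []


def scan_files(files: Dict[str, str]) -> List[Finding]:
    """Walk every file line by line and collect (path, line, rule) findings."""
    findings: List[Finding] = []
    for path in sorted(files):
        for lineno, line in enumerate(files[path].splitlines(), start=1):
            for rule in scan_line(line):
                findings.append((path, lineno, rule))
    return findings


def count_managed_refs(files: Dict[str, str]) -> int:
    """Lines that fetch a secret from a managed store rather than inlining it."""
    return sum(1 for text in files.values()
               for line in text.splitlines() if MANAGED_REF.search(line))


if __name__ == "__main__":
    for path, lineno, rule in scan_files(SAMPLE_FILES):
        print(f"{path}:{lineno}: {rule}")
    print("managed secret references:", count_managed_refs(SAMPLE_FILES))
```

The entropy gate is what keeps the generic rule useful: SESSION_SECRET in .env.example is long enough to match the regex but scores 0 bits per character, so it is reported as nothing, while the AWS secret access key in the workflow scores about 4.7 and is flagged even though no fixed-format rule knows its shape. In a real engagement the same rules would be run over git history, not just the working tree, since a rotated key that is still in an old commit is still exposed.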

Required Qualifications:
  • 10+ years of hands-on experience in penetration testing, red teaming, or offensive security roles, with a track record of conducting full-scope assessments against complex, production systems.
  • Demonstrated experience with application security testing including web applications, REST and GraphQL APIs, authentication and authorisation flows, and common vulnerability classes.
  • Proven experience performing AWS cloud security assessments and exploiting cloud-specific attack paths including IAM, EC2, Lambda, S3, and ECS/EKS.
  • Experience testing multi-tenant systems, with the ability to identify and exploit tenant isolation failures, context confusion, and shared-resource leakage.
  • Experience assessing data layer security including database access controls, ORM injection paths, and data exfiltration techniques relevant to financial services environments.
  • Experience assessing secrets management posture across repositories, CI/CD pipelines, environment configurations, and managed secrets services.
  • Experience conducting threat modelling using STRIDE or comparable methodologies, including for AI/agentic system components.
  • Proficiency in at least one scripting or programming language (Python, Go, Bash, or PowerShell) sufficient to develop tooling, automate assessments, and understand application code under review.
  • Strong understanding of networking fundamentals: TCP/IP, DNS, TLS, and HTTP/S.
  • Strong understanding of Active Directory and associated identity-based attack techniques.
  • Experience assessing CI/CD platforms and identifying pipeline security weaknesses including supply chain and secrets exposure vectors.
  • Working knowledge of offensive security tools including Burp Suite, Metasploit, BloodHound, Nmap, Nuclei, and cloud-specific tooling such as Pacu, ScoutSuite, and Prowler.
  • Familiarity with defensive technologies including WAFs, EDR, SIEM platforms, and cloud-native security controls, sufficient to reason about detection gaps and evasion.
  • Ability to produce high-quality assessment reports that clearly articulate technical findings, business impact, and regulatory exposure to both engineering and senior business audiences.
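Both the responsibilities and the required qualifications above call for testing multi-tenant platform boundaries: finding cross-tenant data access paths and context confusion, where a tenant check exists but is driven by the wrong input. The block below is an added example, not TechBlocks code, of what such a test looks like against a shared-table data layer. The records, tenant names and function names are constructed for the example. It shows three lookups against the same table: one that resolves a record by primary key alone (the classic cross-tenant IDOR), one that scopes by tenant but lets a client-supplied value override the session's tenant (context confusion), and the hardened form where the tenant filter comes only from the authenticated session. The check routine plays the attacker: it holds a tenant-B session and walks record ids that belong to tenant A.

```python
"""Added example (not TechBlocks code): a minimal tenant-isolation check.
A shared table where every row carries a tenant_id; three lookups over it;
an attacker routine that reports which foreign rows each lookup leaks."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

# Constructed sample data: one shared table, rows tagged by tenant.
RECORDS: Dict[int, dict] = {
    101: {"tenant_id": "tenant-a", "account": "ACC-A-001", "balance": 25000},
    102: {"tenant_id": "tenant-a", "account": "ACC-A-002", "balance": 1200},
    201: {"tenant_id": "tenant-b", "account": "ACC-B-001", "balance": 980},
}


@dataclass(frozen=True)
class Session:
    user: str
    tenant_id: str  # bound from the authenticated identity, never from the request


class NotFound(Exception):
    pass


def get_record_vulnerable(session: Session, record_id: int) -> dict:
    """Cross-tenant IDOR: looks up by primary key and ignores tenant context."""
    try:
        return RECORDS[record_id]
    except KeyError:
        raise NotFound(record_id)


def get_record_context_confused(session: Session, record_id: int,
                                requested_tenant: Optional[str] = None) -> dict:
    """Context confusion: a tenant check exists, but a client-supplied value
    (think an X-Tenant-ID header or query parameter) overrides the session's."""
    tenant = requested_tenant or session.tenant_id
    row = RECORDS.get(record_id)
    if row is None or row["tenant_id"] != tenant:
        raise NotFound(record_id)
    return row


def get_record_hardened(session: Session, record_id: int) -> dict:
    """Tenant-scoped lookup: the tenant filter is taken from the session only."""
    row = RECORDS.get(record_id)
    if row is None or row["tenant_id"] != session.tenant_id:
        # Same error for "missing" and "belongs to another tenant", so the
        # response does not confirm which foreign ids exist.
        raise NotFound(record_id)
    return row


def run_isolation_checks(lookup: Callable[[Session, int], dict]) -> dict:
    """Attacker holds a tenant-B session and requests every tenant-A record id.
    Returns the foreign ids that were served and whether the attacker's own
    record still resolves (a broken fix can fail closed for everyone)."""
    attacker = Session(user="mallory", tenant_id="tenant-b")
    leaked: List[int] = []
    for rid, row in RECORDS.items():
        if row["tenant_id"] == attacker.tenant_id:
            continue
        try:
            lookup(attacker, rid)
            leaked.append(rid)
        except NotFound:
            pass
    try:
        own_ok = lookup(attacker, 201)["account"] == "ACC-B-001"
    except NotFound:
        own_ok = False
    return {"leaked_ids": sorted(leaked), "own_record_ok": own_ok}


if __name__ == "__main__":
    # The attacker spoofs tenant-a in the client-controlled field for the confused variant.
    spoofed = lambda s, r: get_record_context_confused(s, r, requested_tenant="tenant-a")
    for name, fn in (("vulnerable", get_record_vulnerable),
                     ("context-confused", spoofed),
                     ("hardened", get_record_hardened)):
        print(name, run_isolation_checks(fn))
```

The "own_record_ok" field matters on re-test as much as "leaked_ids": a remediation that scopes by a request-supplied tenant passes the leak check only when the attacker does not bother to spoof the field, and a remediation that breaks legitimate access is a different finding, not a fix. The same harness extends to list and search endpoints by asserting that every row returned carries the session's tenant_id.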

Preferred Qualifications:
  • Experience with container and Kubernetes attack techniques including RBAC abuse, privilege escalation, secrets extraction, and container escape.
  • Familiarity with software supply chain and CI/CD attack vectors such as dependency confusion and artifact signing bypass.
  • Experience with OAuth 2.0 and OpenID Connect attack scenarios including token misuse, redirect abuse, and scope escalation.
  • Familiarity with API gateway and service mesh attack surfaces, including mTLS bypass and fine-grained authorisation abuse.
  • Experience operating within a structured red team programme including scoping, rules of engagement, and deconfliction.
  • Familiarity with MITRE ATT&CK (Enterprise and Cloud) for engagement planning, reporting, and detection gap analysis (e.g. ATT&CK Navigator, DETT&CT).
  • Experience in regulated financial services environments, with an understanding of how SOC 2, MiFID II, DORA, or equivalent obligations shape risk framing and remediation prioritisation.

TechBlocks New York, New York, USA Office

165 Broadway, 23rd Floor, New York, NY 10006, United States
