Senior Offensive Security Engineer
Job Description
This position requires access to or use of information which is subject to export restrictions, including the International Traffic in Arms Regulations (ITAR). All applicants for this position must be "U.S. Persons" within the meaning of the ITAR. "U.S. Persons" include U.S. Citizens, U.S. Lawful Permanent Residents (i.e. 'Green Card Holders'), Political Asylees, Refugees or other protected individuals as defined by 8 U.S.C. 1324b(a)(3).
Qualifications
- 8+ years of hands-on experience performing penetration testing at both application and infrastructure levels, ideally in enterprise environments
- Experience building autonomous security solutions, particularly using AI or machine learning to enhance vulnerability detection and testing workflows
- Strong working knowledge of security testing and analysis tools such as Burp Suite, Metasploit, Cobalt Strike, BloodHound, or similar platforms
- Experience conducting security assessments in cloud environments including AWS, Azure, or GCP, with understanding of cloud-specific security considerations
- Solid knowledge of vulnerability frameworks including CVSS, OWASP Top 10, MITRE ATT&CK, and how to apply them in practical testing scenarios
- Software development experience in C/C++, Java, or Python, with ability to write scripts, automation tools, and work with code at a technical level
Skills
- You can explain a security vulnerability to engineers in a way that helps them understand the issue and feel supported in fixing it, rather than blamed for creating it
- You approach testing with thoroughness, taking time to explore beyond surface-level findings because you know the most important issues often require deeper investigation
- You are comfortable working independently on complex assessments, but you also value collaboration and know when to reach out to colleagues for input or support
- You stay current on security trends and emerging threats because you are genuinely interested in how the landscape evolves and what that means for defense
- You can write technical reports that developers can use and executive summaries that non-technical stakeholders can understand and act on
- You handle sensitive information with discretion and understand the importance of confidentiality in security work
Impact
Help reduce security risk across Synopsys infrastructure and applications by identifying vulnerabilities and supporting teams in addressing them effectively
Contribute to building security capabilities that can operate at greater scale and speed through AI-driven testing approaches
Support stronger defenses across cloud and on-premises environments by recommending security controls based on real-world testing insights
Help engineering teams respond more effectively to vulnerabilities by providing clear analysis and practical remediation guidance
Improve organizational awareness of emerging threats by translating external intelligence into relevant testing priorities and defensive considerations
Contribute your testing expertise to help shape security practices and standards that reflect real-world attack patterns and risks
Play a role in protecting the intellectual property and infrastructure that supports semiconductor innovation for customers worldwide