Sr. Offensive Security Engineer at Gong.io

San Francisco, California, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Technology, AI/ML, CybersecurityIndustries

Requirements

5+ years of offensive security experience
Threat modeling in a cloud environment
In-depth knowledge of Secure SDLC
AWS Experience - a must
Familiarity with attack frameworks and mitigation
Experience with DAST and SAST
Experience with application security testing tools such as Burp Suite, Corellium, or MobSF
Experience with the MITRE ATT&CK Framework, TTP development and execution
Experience with common C2 frameworks such as Sliver, Mythic, or Cobalt Strike
Understanding and identification of the OWASP Top 10 vulnerabilities
Security certifications such as GIAC’s GPEN, GXPN or Offensive Security certifications such as OSCP, OSCE, OSWE or OSWA

Responsibilities

Be a part of Red Team operations and development within Ethical Hacking Methodologies from kickoff to remediation
Conduct Red Team assessments against cloud environments and enterprise threat landscape to identify vulnerabilities in software, systems, networks, and logic
Research and verify known attacks, exploits, and security weaknesses using researched and/or developed custom tools
Develop accurate comprehensive reports and presentations for both technical and executive audiences that assist all other security team colleagues
Leads and drives Red Team internal development of scripts, tools, or methodologies to enhance Gong’s red teaming, offensive security operations and development
Working with the IT, R&D engineering, & DevOps teams to ensure we have a comprehensive secure software development life cycle program
On occasion assists with purple team exercises, penetration tests and security assessments from kickoff to remediation, mentoring less experienced staff
Assist with threat models with the developers and architecture teams
Build out the function and manage a team of other offensive security engineers
Assist with Gong’s Bug Bounty program
Understand what features the team should prioritize from a product security perspective
Effectively communicate findings to stakeholders, including technical staff, executive leadership and legal counsel

Skills

Key technologies and capabilities for this role

Red TeamEthical HackingCloud SecurityVulnerability AssessmentExploit DevelopmentCustom ToolsOffensive SecurityPenetration TestingScript DevelopmentSecurity Research

Questions & Answers

Common questions about this position

What experience level is required for this role?

The position requires 5+ years of offensive security experience.

What are the key technical skills needed for this position?

Key skills include threat modeling in a cloud environment, in-depth knowledge of Secure SDLC, AWS experience (a must), familiarity with attack frameworks and mitigation, and experience with DAST, SAST, and application security testing tools.

Is AWS experience required?

Yes, AWS experience is a must for this role.

What does the role involve in terms of team management?

The role includes building out the function and managing a team of other offensive security engineers.

What is the compensation or salary for this position?

This information is not specified in the job description.

Gong.io

Revenue intelligence platform for customer interactions

About Gong.io

Gong provides a platform focused on revenue intelligence, which helps businesses capture and analyze customer interactions. The platform uses artificial intelligence to integrate various customer communications into one system, allowing companies to gain insights that inform their decision-making and enhance revenue growth. Gong caters to a wide array of clients, including sales, marketing, and customer success teams across different industries. Its subscription-based model allows organizations to pay for access to the platform, with pricing tiers based on user count and desired features. The main goal of Gong is to support businesses in optimizing their go-to-market strategies by delivering actionable insights derived from customer data.

San Francisco, CaliforniaHeadquarters

2015Year Founded

$570.1MTotal Funding

SERIES_ECompany Stage

Enterprise Software, AI & Machine LearningIndustries

1,001-5,000Employees

Benefits

Mental health support resources

Weekly wellness events

Work from home stipend

Generous vacation days

Quarterly recharge company shutdowns

Parental leave

Employee equity

Retirement savings & financial coaches

Commuter & parking benefits

Training & learning programs

Monthly lunch & learns

Mentor & buddy programs

Risks

Increased competition from Highspot and Seismic may pressure Gong's market share.

Rapid market growth could attract new entrants, impacting Gong's growth trajectory.

Challenges in measuring AI success may affect customer retention and acquisition.

Differentiation

Gong's platform integrates all customer interactions into a single system for better insights.

The company uses proprietary AI to analyze customer interactions, enhancing decision-making.

Gong's subscription model offers tiered access based on user numbers and functionality.

Upsides

Gong's integration with ChurnZero enhances customer success management with AI-driven insights.

The company's inclusion in Forbes Cloud 100 highlights its market leadership and innovation.

Gong's 'Ask Anything' solution boosts win rates by 26%, enhancing revenue team efficiency.

Land your dream remote job 3x faster with AI

Try Jobo Free