XTN-3922771 | OFFENSIVE SECURITY ENGINEER

As part of the Information Security organization, the Offensive Security Engineer is responsible for performing hands-on offensive security testing to help assess and improve PsiQuantum's security posture. This role focuses on executing realistic adversary emulation and penetration testing activities across corporate IT, cloud infrastructure, applications, and identity systems.

The Offensive Security Engineer works closely with security and engineering teams to identify vulnerabilities, validate security controls, and support remediation efforts through practical offensive security expertise.

• Health Insurance/HMO 
• Enjoy unlimited MadMax Coffee
• Diverse learning & growth opportunities
• Accessible Cloud HR platform (Sprout)
• Above standard leaves

• Perform hands-on red team and penetration testing across enterprise, cloud, application, and identity environments.Execute realistic attack scenarios and adversary emulation activities based on real-world attacker techniques and threat intelligence.
• Develop, maintain, and enhance offensive security tooling, scripts, and automation.
• Identify and chain vulnerabilities and misconfigurations into realistic end-to-end attack paths with clear business impact.
• Partner with blue team and detection engineering teams to support purple-team exercises and improve detection and response capabilities.
• Document findings with clear, actionable remediation guidance for engineering and infrastructure teams.
• Support continuous improvement of offensive security processes, methodologies, and operational security practices.
• Stay current on emerging attack techniques, tools, and industry trends relevant to offensive security operations.

• Strong exploitation skills across networks, web applications, cloud environments, and identity systems.
• Experience performing adversary emulation using frameworks such as MITRE ATT&CK.
• Proficiency with common offensive security tools and frameworks, as well as custom tooling development.
• Strong scripting or programming skills, such as Python, PowerShell, Bash, or Go.
• Ability to clearly communicate technical attack paths and risk to both technical and non-technical stakeholders.Strong problem-solving and analytical skills with attention to detail.
• Relevant offensive security certifications are a plus, but not required.

• Additional relevant knowledge or experience related to the above requirements will be considered an advantage.