Chewy company image
Chewy
At Chewy, our mission is to be the most trusted and convenient destination for pet parents and partners, everywhere.
Hybrid
View Profile
Jobs//Hybrid//Cybersecurity + IT//

Offensive Specialist, Senior Security Engineer

Sorry, this job was removed at 1:16 p.m. (CST) on Thursday, December 2, 2021
View 8062 Jobs
Find out who's hiring in Other US Location.
See all Cybersecurity + IT jobs in Other US Location
View 8062 Jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Our Opportunity: 

We're looking for a Senior Security Engineer in our Dania Beach, FL location to join our Research, Architecture, Design, Command (RADCOM) Team. This team helps Chewy through vulnerability discovery, disclosure and mitigation in our products, services, infrastructure, and ecosystem. This person will be responsible for performing attack simulations, adversarial threat modeling, penetration tests, and security reviews for Chewy products and services. You will be responsible for discovering vulnerabilities at Chewy, its products and services and conduct threat modeling exercises on people, processes, and technologies that build up our products and services. You will also design red team exercises in collaboration with other security teams to help improve our security incident response and overall security program.

As a member of our RADCOM Team, you’ll be responsible for ensuring that Chewy’s products, services, and processes are continuously tested and resilient against an attack from threat actors. You’ll be working with the team to focus on the systems, services, and processes that protect Chewy’s most valuable resources, and communicate with internal and external stakeholders as needed.

What You’ll Do:

  • Provide an adversarial perspective that productively challenges assumptions and decisions to improve security
  • Collaboratively define threat models, scope, and prioritize offensive security engagements
  • Integrate offensive security into security development lifecycle
  • Research emerging attack vectors and techniques, including targeting user endpoints, cloud platforms & systems, development infrastructure, system integrations, and everything in between
  • Design and plan offensive exercises based on research into threat actors most relevant to Chewy’s business operations
  • Build, modify, and implement tooling and automation to improve the offensive capabilities of the team to meet our evolving objectives and mitigate security threats
  • Perform ongoing, proactive analysis of Chewy’s internal and external attack surface
  • Participate in blue / purple-team exercises to improve efficacy of internal security programs
  • Develop training programs on security-related topics such as threat modeling, user awareness, attack techniques, and mitigation strategies
  • Document and effectively contextualize issues with respect to business impact
  • Devise pragmatic methods of mitigating security risks
  • Coordinate, collaborate, and communicate within the RADCOM Team and with stakeholders in Security, Engineering, and other departments

What You’ll Need:

  • Bachelor’s degree in computer science or engineering related field or equivalent work experience
  • Minimum of 7 years in a senior IT role
  • Minimum of 4 years in a vulnerability analyst, penetration tester or risk analyst role
  • Web application security expertise
    • Familiarity with static code analysis concepts and tools
    • Familiarity with dynamic application testing concepts and tools
  • Working knowledge of one or more of the following programming languages
    • Java
    • Python
    • Kotlin
    • Swift
    • Go
  • Hold industry recognized certifications such as: GPEN, GWAPT, GCIA, GCIH, OSCP, GXPN etc.
  • Working level knowledge of AWS foundations and well architected framework
  • Experience with log analysis tools such as Splunk, Elastic with Kibana etc.
  • Experience with shell scripting or automation of simple tasks using BASH, PowerShell, Python, Ruby, Go etc.
  • Experience developing, extending, or modifying exploits, shellcode or exploit tools
  • Strong knowledge of tools used for web application and network security testing, such as Kali Linux, Metasploit, Burp suite, Core Impact, Cobalt Strike, Nessus, Web Inspect, and Scuba etc.
  • Position may require travel

Bonus:

  • Experience with agile scrum and/or kanban methodologies
  • Experience in ecommerce
  • Self motivated with excellent problem solving skills and able to perform job functions with little direct supervision

Chewy is committed to equal opportunity. We value and embrace diversity and inclusion of all Team Members.
If you have a disability under the Americans with Disabilities Act or similar law, or you require a religious accommodation, and you wish to discuss potential accommodations related to applying for employment at Chewy, please contact HR at chewy dot com
To access Chewy’s Privacy Policy, which contains information regarding information collected from job applicants and how we use it, please click here: https://www.chewy.com/app/content/privacy).

See More
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.
Gregory Owens
Technical Recruiter
UNLEASH YOUR FULLEST POTENTIAL
Join an environment that’s driving innovation
Forget the legacy platforms and technologies of yesteryear: “We are creating a new status quo by pushing ourselves past what we can imagine,” Owens said. At Chewy, technologists work with of-the-moment tools and infrastructure, and find plentiful opportunities for greenfield projects: By the end of 2020, Chewy will be nearing full migration into AWS, which will require lots of new code to be written from scratch.
Forget the legacy platforms and technologies of yesteryear: “We are creating a new status quo by pushing ourselves past what we can imagine,” Owens said. At Chewy, technologists work with of-the-moment tools and infrastructure, and find plentiful opportunities for greenfield projects: By the end of 2020, Chewy will be nearing full migration into AWS, which will require lots of new code to be written from scratch.
We want our engineers to be the one-stop-shop for all things technology. We look for ‘builders’ who have the desire and passion to never stop learning and acquiring new skills to put in their tool belt.
Priya Shinde
Software Engineer
HIT THE GROUND RUNNING
Making an impact from day one
Being an entry-level engineer doesn’t mean working on entry-level projects. Recently, Shinde, an engineer on the delivery experience team, created an API that connects customer’s queries with shipment statuses, a project that could have a significant impact on Chewy’s bottom line. Shinde credits an environment of continuous learning that has, to date, exposed her to more than a dozen new languages and tools.
Being an entry-level engineer doesn’t mean working on entry-level projects. Recently, Shinde, an engineer on the delivery experience team, created an API that connects customer’s queries with shipment statuses, a project that could have a significant impact on Chewy’s bottom line. Shinde credits an environment of continuous learning that has, to date, exposed her to more than a dozen new languages and tools.
My exposure to popular and effective software has been critical to my development as an engineer, and my team is always ready and willing to answer my questions.
Natalie Liem
Software Engineer I
SUPPORTING PET PARENTS
Building products to support pets — and their people
Natalie Liem knows her work on Chewy’s CarePlus pet insurance and wellness plans makes life better for both people and their pets. “Many friends and family members have struggled with unexpected vet bills or have had to compromise routine pet care because of the expenses entailed,” she said. By making pet insurance and wellness plans more accessible, Liem is hopeful for the future of pet health. “By working with a trusted brand like Chewy, pet parents can feel less burdened by the ‘what ifs’ of affording veterinary care.”
Natalie Liem knows her work on Chewy’s CarePlus pet insurance and wellness plans makes life better for both people and their pets. “Many friends and family members have struggled with unexpected vet bills or have had to compromise routine pet care because of the expenses entailed,” she said. By making pet insurance and wellness plans more accessible, Liem is hopeful for the future of pet health. “By working with a trusted brand like Chewy, pet parents can feel less burdened by the ‘what ifs’ of affording veterinary care.”
Chewy can offer pet parents so much in both new products, and through connecting existing, established parts of our site.

What are Chewy Perks + Benefits

Chewy Benefits Overview

It all starts with taking care of our Team Members.

At Chewy, we recognize the importance of providing meaningful and impactful work. That’s why we are constantly innovating, pushing the limits to delight our customers and colleagues, and providing endless ways for our Team Members to build, grow and develop.

We also understand that wellbeing is different for everyone and offer a wide variety of traditional and unique benefits. Here’s a sampling of what we offer:
• Competitive wages and retirement benefits such as 401k and Long-Term Incentives (LTI)
• Chewy University (Chewy U) for learning, growth, and development resources
• 20% Team Member discount on Chewy.com
• Unlimited PTO (for Exempt, Full-Time, salaried employees)
• Pet-friendly Chewy Corporate hubs in Boston, MA; Bellevue, WA; and Plantation, FL
• Maternity/Paternity and family bonding leave covered at 100%
• Paw-ternity Leave (yes–that means time off when you adopt a new pet)
• DEI-focused Team Member Resource Groups (TMRGs)

Culture
Volunteer in local community
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Pair programming
Open office floor plan
Flexible work schedule
Remote work program
We're currently 100% remote due to caution and care for the health & well-being of our team. Post-pandemic, we plan to operate in a combination of onsite and remote, with logistics still being defined
Diversity
Dedicated diversity and inclusion staff
Highly diverse management team
Mandated unconscious bias training
Diversity employee resource groups
Hiring practices that promote diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
We offer a commuter transit, parking, and dependent care FSA.
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Pet insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Performance bonus
Child Care & Parental Leave Benefits
Childcare benefits
Generous parental leave
Family medical leave
Return-to-work program post parental leave
Vacation & Time Off Benefits
Unlimited vacation policy
Paid holidays
Paid sick days
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Some meals provided
Company-sponsored happy hours
Pet friendly
Recreational clubs
Chewy sponsors office sports leagues year-round.
Relocation assistance
Professional Development Benefits
Job training & conferences
Lunch and learns
Cross-functional lunch and learns.
Promote from within
Mentorship program
Online course subscriptions available
Customized development tracks
View full list of perks + benefits
Photo Gallery

More Jobs at Chewy

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about ChewyFind similar jobs like this