Every day, the world gets more digital thanks to tens of millions of developers building the future faster than ever. But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced “sneak”) comes in. Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and cloud infrastructure — and do it all right from the start. Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.
Joining Snyk means embracing our core values: One Team, Care Deeply, Customer Centric, and Forward Thinking. As a member of our team, you’ll have the opportunity to thrive in a dynamic environment where fostering collaboration, leading with empathy, driving business impact, and inspiring trust are at the heart of everything we do.
Our Opportunity:
Snyk is seeking an experienced Senior Security Engineer to join our Enterprise Security team. In this cross-functional role, you will spearhead adversary emulation and attack simulation (red teaming) initiatives to proactively identify gaps in our detection and response capabilities across the Snyk environment. While leading our offensive security testing, you will also be instrumental in enhancing our enterprise threat detection systems, actively participating in security incident response, and driving improvements in detection engineering.
This position is ideal for a security professional who excels at adopting an attacker's mindset while possessing a deep understanding of building and scaling robust defenses. As Snyk undergoes rapid growth, you'll have a unique opportunity to help build, shape, and mature the technical foundations of our security operations and overall infosec program from an early, impactful stage.
You’ll Spend Your Time:
- Design, plan, and execute threat emulation exercises, including covert campaigns that simulate adversarial threats.
- Develop and utilize custom tools, scripts, and exploits to simulate targeted attacks against critical infrastructure, applications, and personnel.
- Collaborating with security architecture, IT, engineering, and infrastructure teams to drive remediation efforts.
- Developing signatures used to detect observed and new threats in a cloud-first environment.
- Delivering detection and response capabilities across corporate and cloud assets.
- Analyzing logs and other forensic artifacts from multiple sources (host, network, memory).
- Developing and refining signatures used to detect observed and new threats.
- Collaborating with teams across the company on projects designed to improve our overall security posture.
What You’ll Need:
- Theoretical and practical knowledge of threat hunting in a cloud environment.
- Excellent technical cybersecurity and engineering/development skills, with experience in using REST APIs to integrate disparate security technologies.
- Experience responding to, leading, and remediating security incidents.
- Strong understanding of cloud computing (AWS, GCP, or Azure).
- Strong scripting and automation skills (Python, Bash, Go, Rust).
- Knowledge of host-based analysis on Mac OS and Linux operating systems.
- Use case development/content development within a SIEM.
- Experience evaluating and deploying cybersecurity solutions in a public cloud environment (IaaS, PaaS, SaaS).
- Information security certifications (OSCP, OSEP, GPEN, GCIH, GCFA, GNFA, GREM, etc.)
- Experience with Bash, Python, and Go.
- Familiarity with data analysis / data science techniques for threat detection.
- Bachelor’s degree in computer science, information security, or Information Technology.
We’d be Lucky if You:
- Have worked within the DevSecOps Industry.
#LI-TF1
We care deeply about the warm, inclusive environment we’ve created and we value diversity – we welcome applications from those typically underrepresented in tech. If you like the sound of this role but are not totally sure whether you’re the right person, do apply anyway!
About Snyk
Snyk is committed to creating an inclusive and engaging environment where our employees can thrive as we rally behind our common mission to make the digital world a safer place. From Snyk employee resource groups, to global benefits that help our employees prioritize their health, wellness, financial security, and a work/life blend, we aim to support our employees along their entire journeys here at Snyk.
Prioritize health, wellness, financial security, and life balance with programs tailored to your location and role.
- Flexible working hours, work-from home allowances, in-office perks, and time off for learning and self development
- Generous vacation and wellness time off, country-specific holidays, and 100% paid parental leave for all caregivers
- Health benefits, employee assistance plans, and annual wellness allowance
- Country-specific life insurance, disability benefits, and retirement/pension programs, plus mobile phone and education allowances
What We Do
Snyk, the leader in secure AI software development, empowers organizations to build fast and stay secure by unleashing developer productivity and reducing business risk. The company’s AI Trust Platform seamlessly integrates into developer and security workflows to accelerate secure software delivery in the AI Era. Snyk delivers trusted, actionable insights and automated remediation, enabling modern organizations to innovate without limits. Snyk is redefining secure AI-driven software delivery for over 4,500 customers worldwide today.
Why Work With Us
Every team member at Snyk contributes to our vision for a more secure digital world. No matter where we are in the world, we operate as one team and work together to shape the future of application security. We take immense pride in the diversity of our people, cultures, and experiences.
Gallery
Snyk Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
