Staff Offensive Security Engineer- Cloud and Infrastructure
Who we are
Samsara (NYSE: IOT) is the pioneer of the Connected Operations™ Cloud, which is a platform that enables organizations that depend on physical operations to harness Internet of Things (IoT) data to develop actionable insights and improve their operations. At Samsara, we are helping improve the safety, efficiency and sustainability of the physical operations that power our global economy. Representing more than 40% of global GDP, these industries are the infrastructure of our planet, including agriculture, construction, field services, transportation, and manufacturing — and we are excited to help digitally transform their operations at scale.
Working at Samsara means you’ll help define the future of physical operations and be on a team that’s shaping an exciting array of product solutions, including Video-Based Safety, Vehicle Telematics, Apps and Driver Workflows, Equipment Monitoring, and Site Visibility. As part of a recently public company, you’ll have the autonomy and support to make an impact as we build for the long term.
Recent awards we’ve won include:
Great Place To Work Certified™ 2023
Best Place to Work by Built In 2023
Financial Times The Americas’ Fastest Growing Companies 2023
Deloitte Fast 500 Companies
IoT Analytics Company of the Year in 2022’s IoT Breakthrough Winners
We see a profound opportunity for data to improve the safety, efficiency, and sustainability of operations, and hope you consider joining us on this exciting journey.
We’re seeking a talented Staff Offensive Security Engineer with hands-on offensive cloud and infrastructure security experience. The right candidate will be knowledgeable, passionate about finding security threats, energetic, and thrive in a fast-paced environment. You’ll work alongside technical product managers and security engineers passionate about building highly scalable products. Your offensive security contributions will be critical to shaping our overall security and compliance strategy.
You should apply if:
- You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on, get food into grocery stores, reduce emissions, and, most importantly, ensure workers return home safely.
- You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development and countless opportunities to experiment and master your craft in a hyper-growth environment.
- You’re energized by our opportunity: Our vision to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
- You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best.
Click here to learn about what we value at Samsara.
In this role, you will:
- Propose and lead penetration testing plans and offensive security exercises for different components of the product stack. Prove and document the exploitation of high-complexity security issues.
- Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weaknesses
- Design controls and improvements to sharpen our capabilities to defend against attackers in close cooperation with the teams responsible for implementing them.
- Document and present results to various target audiences, ranging from highly technical engineers over non-technical subject matter experts to executive leadership.
- Perform technical security assessments, code audits, design reviews, and Red team exercises.
- Contribute to developing tools and automation programs, security analysis, and testing automation projects.
- Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, and Win as a Team) as we scale globally and across new offices
Minimum requirements for the role:
- Ability to scope engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
- Report generation that clearly communicates testing and assessment details, results, and remediation recommendations
- Significant (8+ years) experience working in offensive/red team security
- Willingness to collaborate and mentor security engineers via documentation writing, code pairing, and other activities.
An ideal candidate also has the following:
- Hands-on practical Offensive Cybersecurity certifications (Sec+, OSCP, OSWE, eJPT, Pentest+, eCPPT, eWPT, GIAC, etc.) or equivalent.
- Cloud certifications (CCP, SAA, SAP, AWS Security Specialty, etc.) or equivalent.
- Strong programming skills; GO, C++, C#, Java, and/or object-oriented programming.
- Embedded Linux experience a plus
We pay for performance, and top performers are eligible to receive above target equity refresh awards which allow employees to achieve higher market positioning.
At Samsara, we welcome everyone regardless of their background, race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, etc. We depend on the unique approaches of our team members to help us solve complex problems. We are committed to increasing diversity across our team and ensuring that Samsara is a place where people from all backgrounds can make an impact.
Full time employees receive an above market total compensation package along with employee-led remote and flexible working, health benefits, Samsara for Good charity fund, and much, much more. Take a look at our Benefits site to learn more.
At Samsara, we have adopted a flexible way of working, enabling teams and individuals to do their best work, regardless of where they’re based. We value in-person collaboration and know a change of scenery and quiet space to work is welcomed from time to time, but also appreciate that the world of work has changed. Our offices remain open for those who prefer to collaborate or work in-office, but we also encourage fully remote applicants. As most roles are not required to be in the office, we are able to hire remotely where Samsara has an established presence. If a role is required to be in a certain location and candidates do not have work authorization for that location, Samsara will conduct an immigration assessment. If the role is not required to be in a specific location, Samsara will move forward with the remote location that works best for the business. All offers of employment are contingent upon an individual’s ability to secure and maintain the legal right to work at the company.
Please note: Samsara does not accept agency resumes and is not responsible for any fees related to unsolicited resumes. Please do not forward resumes to Samsara employees.
Something looks off?