Your space-enabled career begins here

Space-based technologies are the building blocks of these pillars of innovation:

Search for credible job opportunities with top entrepreneurial space companies.

Senior Offensive Security Engineer

Sirius XM

Sirius XM

Other Engineering
Irving, TX, USA
Posted on Saturday, June 1, 2024
Who We Are

SiriusXM and its brands (Pandora, SiriusXM Media, AdsWizz, Simplecast, and SiriusXM Connect) are leading a new era of audio entertainment and services by delivering the most compelling subscription and ad-supported audio entertainment experience for listeners -- in the car, at home, and anywhere on the go with connected devices. Our vision is to shape the future of audio, where everyone can be effortlessly connected to the voices, stories and music they love wherever they are.

This is the place where a diverse group of emerging talent and legends alike come to share authentic and purposeful songs, stories, sounds and insights through some of the best programming and technology in the world. Our critically-acclaimed, industry-leading audio entertainment encompasses music, sports, comedy, news, talk, live events, and podcasting. No matter their individual role, each of our employees plays a vital part in bringing SiriusXM’s vision to life every day.

SiriusXM is the leading audio entertainment company in North America, and the premier programmer and platform for subscription and digital advertising-supported audio products. SiriusXM’s platforms collectively reach approximately 150 million listeners, the largest digital audio audience across paid and free tiers in North America, and deliver music, sports, talk, news, comedy, entertainment and podcasts. Pandora, a subsidiary of SiriusXM, is the largest ad-supported audio entertainment streaming service in the U.S. SiriusXM's subsidiaries Simplecast and AdsWizz make it a leader in podcast hosting, production, distribution, analytics and monetization. The Company’s advertising sales organization, which operates as SiriusXM Media, leverages its scale, cross-platform sales organization and ad tech capabilities to deliver results for audio creators and advertisers. SiriusXM, through SiriusXM Canada Holdings, Inc., also offers satellite radio and audio entertainment in Canada. In addition to its audio entertainment businesses, SiriusXM offers connected vehicle services to automakers.

How You’ll Make An Impact

SiriusXM’s Security Operations Center is seeking an experienced Offensive Security Engineer to ensure the security of our organization's systems and applications. The successful candidate will be responsible for performing security assessments, identifying, and verifying vulnerabilities, reviewing threat intelligence, and recommending appropriate solutions. The Offensive Security Engineer will also be responsible for threat hunting, triage and management of findings from our bug bounty program and providing guidance for security best practices.

What You’ll Do

  • Perform or manage various types of offensive security tests to identify potential risks, including:
    • Network, Mobile, and Application Penetration Testing
    • Source Code Reviews
    • Cloud Security Assessments
    • Attack Surface Management
    • Adversarial Simulation/Red Teaming
    • Vulnerability Assessments
    • Hardware/Device Security assessments
  • Test and validate security controls protecting production systems.
  • Investigate and evaluate risks identified from threat intelligence sources.
  • Triage, prioritize and investigate findings received from our bug bounty program, and coordinate with internal stakeholders for remediation efforts.
  • Analyze and evaluate security vulnerabilities, identifying and classifying possible threats.
  • Help implement best practices to improve system and application security.
  • Develop detailed reports to document findings and recommend solutions.
  • Present findings and recommendations to stakeholders and partners.
  • Ensure compliance with applicable regulations and industry standards by conducting tests and testing procedures.
  • Help the Incident Response team to assess and respond to security events by performing threat hunting and intelligence gathering.
  • Automate repeatable security tests.
  • Research, recommend, and track security-related technology solutions.
What You’ll Need

  • Bachelor's degree in Computer Science, Cybersecurity or related field, or equivalent experience.
  • Five or more years of experience in penetration testing, security vulnerability assessment, and threat hunting.
  • Experience testing in a production enterprise environment.
  • Experience in network security architecture, infrastructure security, and application security.
  • Experience testing hardware devices and mobile applications.
  • Strong understanding of cryptography, information security, and industry trends.
  • Excellent problem-solving and communication skills.
  • Able to work in a fast-paced, high-pressure environment.

At SiriusXM, we carefully consider a wide range of factors when determining compensation, including your background and experience. These considerations can cause your compensation to vary. We expect the base salary for this position to be in the range of $73,600 to $150,000 and will depend on your skills, qualifications, and experience. Additionally, this role might be eligible for discretionary short-term and long-term incentives. We encourage all interested candidates to apply.

Our goal at SiriusXM is to provide and maintain a work environment that fosters mutual respect, professionalism and cooperation. SiriusXM is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, ancestry, alienage or citizenship status, age, disability or handicap, sex, gender identity, marital status, familial status, veteran status, sexual orientation or any other characteristic protected by applicable federal, state or local laws.

The requirements and duties described above may be modified or waived by the Company in its sole discretion without notice.

R-2024-05-126