Offensive Security Engineer

US Based | Remote

Degreed

It's time to rethink learning. Degreed is your upskilling platform partner with end-to-end learning, targeted skill-building, and real-time data.

Degreed is the upskilling platform that fuels growth and innovation through lifelong learning. We bring together everything you need to learn and advance: LMSs, courses, videos, articles, projects, and real-world skill insights, matching you with opportunities that align with your skills, role, and goals.

For businesses, Degreed helps build a culture of learning that attracts, develops, and retains top talent, driving both individual and company success.

We believe learning is the key to unlocking opportunities. Our mission is to discover, empower, and celebrate the next generation of global expertise.

Join us in shaping the future of learning and workforce development!

 

As an Offensive Security Engineer, you’ll play a key role in helping Degreed stay ahead of evolving threats. You’ll lead and execute red team engagements, penetration tests, and threat simulations to uncover and validate vulnerabilities across our cloud, application, and infrastructure environments.

You’ll collaborate closely with security operations, detection, and engineering teams to translate findings into real improvements, strengthening our defenses and making a measurable impact on how we protect our people, data, and platform.

Key Skills

  • 3–5 years of experience in offensive security, penetration testing, or red teaming roles.
  • Demonstrated ability to exploit systems ethically and communicate technical risk to engineering and business teams.
  • Hands-on experience with offensive tools such as Cobalt Strike, Metasploit, Burp Suite, or custom-built tools.
  • Solid understanding of attack chains across cloud (Azure/AWS), infrastructure, endpoints, and APIs.
  • Familiarity with MITRE ATT&CK, OWASP Top 10, and post-exploitation techniques.

Nice to Have

  • Certifications such as OSCP, CRTO, GPEN, or similar red team/pentest credentials.
  • Experience with scripting and automation (e.g., PowerShell, Python).
  • Exposure to threat detection engineering and EDR/XDR technologies (e.g., Defender, SentinelOne, Splunk).
  • Participation in bug bounty programs, CTF competitions, or community red teaming engagements.
  • Knowledge of secure software development practices and DevSecOps concepts.

Key Responsibilities

  • Red Teaming & Offensive Security
    • Plan and execute offensive assessments, including internal/external pen tests, phishing campaigns, and assumed breach exercises.
    • Simulate real-world threats using frameworks like MITRE ATT&CK, performing lateral movement, privilege escalation, and safe data access operations.
    • Build and maintain red team infrastructure, tools, and custom payloads to test and enhance detection and response capabilities.
  • Vulnerability Validation & Testing
    • Validate vulnerabilities to assess true risk and support prioritized remediation.
    • Perform manual and automated testing of APIs, cloud environments, apps, and internal systems.
    • Collaborate with detection engineers to fine-tune alerts and improve visibility into adversarial behaviors.
  • Security Hardening & Collaboration
    • Identify control gaps and advise infrastructure and DevOps teams on remediation and hardening.
    • Support purple team exercises and secure architecture reviews with offensive security insights.
    • Share findings, attack paths, and recommendations through well-documented post-exercise reports.
  • Performance Expectations
    • Deliver red team findings that drive measurable risk reduction.
    • Regularly conduct assessments with clear reporting and responsible disclosure.
    • Partner cross-functionally to strengthen detection, response, and resilience.
    • Maintain a proactive mindset and contribute to a culture of continuous security improvement.

Compensation

We are committed to fair and equitable compensation practices. The total pay range for this role is $150,000 - $185,000.
Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to: skill set, depth of experience, certifications, and specific work location.

 

Benefits

We take care of our people with a comprehensive benefits package designed to support your well-being, growth, and success.
View the full details here: https://px.sequoia.com/globalcompanybenefits

At Degreed, We Value

🌍 Diversity & Inclusion – We celebrate diverse perspectives and backgrounds, fostering an inclusive environment where everyone can thrive and contribute.
📈 Growth Mindset – Learning is at the heart of what we do. We empower our employees to continuously develop their skills and grow their careers in alignment with their unique strengths and aspirations.
🤝 Collaboration – The best ideas come from working together. We cultivate a culture of open communication, teamwork, and shared success.

By joining Degreed, you’ll be part of a community that values learning, collaboration, and meaningful impact. If you’re passionate about driving change through upskilling and workforce transformation, we encourage you to apply and contribute to our mission.

Work Environment & Physical Demands

Degreed offers flexible work arrangements tailored to each role. Some positions are fully remote, while others follow a hybrid model for employees near an office. Please check the job details for role-specific requirements.

For remote and hybrid roles, you’ll collaborate virtually using tools like Zoom and Slack. This role may require prolonged computer use and stationary work, with the ability to interpret written and verbal communication effectively.

We are committed to creating an inclusive and adaptable work environment that enables every team member to thrive and do their best work.

Additional Information

Degreed is an equal opportunity employer committed to fostering a workplace free from discrimination and harassment. We do not discriminate based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

This policy applies to all aspects of employment, including recruitment, hiring, career development, compensation, and training.

💡 Accessibility & Accommodations – We are dedicated to full inclusion and will provide reasonable accommodations for applicants with disabilities throughout the hiring process. If you need assistance, please let us know.
🔍 Fair Hiring Practices – In compliance with the San Francisco Fair Chance Ordinance, we consider qualified applicants with arrest and conviction records.
📄 E-Verify Participation – Degreed participates in the E-Verify employment verification program.

Global Data Privacy Notice for Job Candidates & Applicants

If you’re applying from specific regions, your personal data may be processed in line with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

To understand how we handle applicant data, please review our Global Data Privacy Notice and related policies:

By submitting your application, you acknowledge and agree to our use and processing of your data in compliance with applicable laws.

Fraudulent Recruitment Warning 🚨

Beware of fraudulent recruitment scams using the Degreed name. Scammers may impersonate our company, website, or hiring team.

Degreed will never:

  • ❌ Conduct recruitment via WhatsApp, Telegram, or direct-messaging platforms.
  • ❌ Request sensitive personal or financial information in unsolicited communications.
  • ❌ Offer jobs requiring upfront payments or promising unrealistic returns.

✅ Official Degreed communications will always come from a @degreed.com email address or phone number during the hiring process.

If you encounter suspicious activity, please report it immediately. Stay vigilant and protect yourself from fraud.

Tags: APIs Automation AWS Azure Burp Suite CCPA Cloud Cobalt Strike Compliance CTF DevOps DevSecOps EDR Exploit GDPR GPEN Metasploit MITRE ATT&CK Offensive security OSCP OWASP Pentesting PowerShell Privacy Python Red team Scripting Splunk Threat detection Vulnerabilities XDR

Perks/benefits: Career development Flex hours

Region: Remote/Anywhere
