{bc}
linkedin

Staff Security Engineer, Product

Rogo
New York, QAT
Full Time
Senior
4 weeks ago
RustGoJavaC++PythonBash
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

RustGoJava
Smart Apply

Full Job Posting

The Role

  • As a Staff Security Engineer at Rogo, you'll be our hands on offensive security practitioner, focused on breaking our products before adversaries do.
  • You'll conduct deep dive penetration testing, red team exercises, and adversarial security assessments against our AI driven platform, APIs, and cloud infrastructure.

What You Will Own

  • Conduct hands on penetration testing and red team assessments against Rogo's applications, APIs, AI/ML pipelines, and cloud environments.
  • Build agentic security tooling that finds, validates, and patches vulnerabilities end to end.
  • Develop and maintain custom offensive tooling, exploit chains, and attack simulations.
  • Build and operate automated security testing and remediation pipelines.
  • Perform deep adversarial testing of AI specific attack surfaces.
  • Own vulnerability research and bug hunting across the product.
  • Design and execute threat modeling sessions with engineering teams.
  • Build attack simulation environments and continuously validate security controls.
  • Contribute directly to backend codebases to fix critical vulnerabilities.
  • Lead purple team exercises and own relationship with external pen test firms.
  • Share offensive tradecraft and emerging attack techniques with engineering and leadership.

Great Candidates Often

  • Have professional penetration testing experience across web apps, APIs, cloud environments, and ideally AI/ML systems.
  • Have built or are excited to build agentic security tooling.
  • Have professional development experience in a strongly typed language (e.g., Rust, Go, Java, C++) alongside scripting languages (Python, Bash).
  • Are comfortable with Burp Suite, Nuclei, Semgrep, custom fuzzing frameworks.
  • Have integrated automated security checks into CI/CD pipelines.
  • Are comfortable with infrastructure automation (Terraform, Kubernetes) and can identify misconfigurations in AWS/GCP environments.
  • Communicate crisply and can collaborate effectively.
  • Have applied knowledge of threat modeling, cryptography fundamentals, and compliance frameworks.

Bonus

  • OSCP, OSWE, GXPN, GWAPT, CPTS, or similar offensive security certifications.
  • Experience testing multi tenant SaaS platforms serving regulated industries.
  • Hands on cloud penetration testing experience in AWS or GCP.
  • Kubernetes security testing.
  • Bug bounty track record or published CVEs / security research.
  • Experience in customer facing security conversations.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Rogo