Senior Product Security Engineer (Offensive)

New York

Permanent

USD180000 - USD210000

Cloud and Infrastructure

PR/561193_1758288620

Glocomms is partnered with a successful FinTech firm specializing in digital assets and blockchain infrastructure to support the search for a Senior Offensive Product Security Engineer. This is a hybrid role based in New York City, offering the opportunity to work on cutting-edge security challenges in a fast-paced, high-growth environment.

The ideal candidate is a seasoned Offensive Security professional with a strong engineering background. This role will be responsible for leading proactive security efforts across the organization's product suite, focusing on offensive security techniques to identify vulnerabilities, simulate adversarial behavior, and strengthen the overall security posture of the platform.

Key Responsibilities:

Design and execute offensive security assessments, including penetration testing and red team operations.
Collaborate with engineering and product teams to integrate security into the development lifecycle.
Develop custom tooling and automation to support offensive security initiatives.
Conduct threat modeling and architecture reviews for new and existing systems.
Research emerging threats and contribute to the continuous improvement of internal security practices.
Support incident response teams with adversary simulation and post-mortem analysis.
Mentor junior team members and help shape the security culture across the organization.

Qualifications:

5+ years of experience in offensive security, red teaming, or penetration testing.
Strong programming/scripting skills (e.g., Python, Bash) and experience building custom security tools.
Deep understanding of application security, cloud infrastructure, and common vulnerability classes.
Hands-on experience with tools such as Burp Suite, Metasploit, Cobalt Strike, and similar frameworks.
Familiarity with blockchain technologies and smart contract security is a plus.
Strong communication skills and ability to work cross-functionally.
Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).

Additional Information:

Candidates must be based in the New York City area (or willing to relocate) and open to following a hybrid schedule - approximately three days per week onsite.

The company does not offer visa sponsorship for this position and cannot engage with C2C or C2H arrangements.

FAQs

I have applied for a role, what happens next?

Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.

This role doesn’t 100% suit my next professional move, can you help?

Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.

We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.

That's why we recommend registering your resume so you can be considered for roles that have yet to be created.

Can you help with resume preparation, interviews, and offer negotiation?

Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.