As a senior member of the Figment Security Red Team, your responsibility will be to design and execute campaign-based security testing for Figment. This will involve targeting multiple types of assets. Successful applicants should have the ability to evaluate environments, applications, systems, or processes to identify vulnerabilities.

In Short

Discover and exploit novel vulnerabilities in Figment applications.
Perform a full range of red team activities focusing on application security, API exploitation, and software deployment pipelines.
Document processes, procedures, and workflows for red team operations.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Collaborate with seniors in the security team and the product team to enhance the company's security posture.
Effectively communicate findings and strategies to stakeholders, including technical staff, executive leadership, and legal counsel.
Provide practical and risk-appropriate recommendations to address vulnerabilities.
Configure and safely use offensive security tools, tactics, and procedures in Figment environments.
Enhance Figment's red teaming processes by developing and improving scripts, infrastructure, tools, and methodologies.
Provide mentoring and training to blue team members and actively participate in cross-team security exercises.

Requirements

Bachelor's degree or five or more years of work experience.
Experience with web application and API exploitation or security assessments.
Experience with web application programming languages such as Javascript/Typescript and Ruby.
Experience with CI/CD workflows and pipelines.
Experience in scripting and automation of simple tasks using Bash, Python, or similar.
Experience developing, extending, or modifying exploits, shellcode or exploit tools.
Experience with container orchestration management tools such as Docker and Kubernetes.
Experience with source code review for control flow and security flaws.
Strong knowledge of offensive security and pentesting tooling such as Kali Linux, Burp Suite, and other open source tools.
Strong technical writing.

Benefits

100% remote-first environment.
4 weeks of PTO that kick in day one, with an additional 1 week of flex days.
Extended company-paid health benefits that kick in day one.
Best in class parental leave and flexible arrangements.
A home office stipend to create a space that you enjoy working in.
Monthly Wifi reimbursement.
A yearly Learning & Development budget.
401K (US) or RRSP match (Canada).
Stock Options in the company.
A competitive bonus based on company performance.

Figment

Figment is a leading provider of blockchain data solutions, focused on building high-performance tooling for collecting, processing, and managing blockchain data. With a remote-first work environment and team members across North America and Europe, Figment fosters innovation in Web3 technologies by delivering fast APIs and big data processing solutions. The company emphasizes personal career development, collaboration, and a culture of honesty and professionalism, making it a top choice for professionals in the blockchain space.

Share This Job!

Save This Job!

Jobs from Figment:

Security Analyst

Security Analysis

Python

Incident Response

Junior DevOps Engineer

DevOps

Python

TypeScript

GTM Recruiter