1

Offensive Security Engineer Jobs (NOW HIRING)

As an Offensive Security Engineer, you will own external attack surface testing, reconnaissance activities, and adversary emulation initiatives to improve security resilience. You will work closely ...

As an Offensive Security Engineer, you will lead efforts to identify and mitigate security risks, perform penetration testing, and guide engineering teams on secure design and best practices.

As an Offensive Security Engineer, you will lead efforts to identify and mitigate security risks, perform penetration testing, and provide guidance on secure design practices while contributing to ...

Who We Are Looking For We are looking for an Offensive Security Engineer who operates with clear ownership. You're not just filling a seat. You're setting the standard. You believe great execution ...

Senior Offensive Security Engineer

San Francisco, CA · On-site

$134K - $185K/yr

They are seeking a Senior Offensive Security Engineer to lead their Offensive Security program, focusing on identifying security issues through proactive attacks on services, applications, and ...

Offensive Security Engineer

Seattle, WA · Remote

$150K - $200K/yr

As an Offensive Security Engineer at Staris AI, you'll be at the vanguard of the application security profession. This role goes beyond conventional application security and penetration testing; you ...

Senior Offensive Security Engineer

OR · On-site +1

$114K - $156K/yr

Are you an experienced Senior Offensive Security Engineer that wants to work with cutting-edge cybersecurity technologies and contribute to enhancing our overall security posture? At Ivanti, we work ...

AI Offensive Security Engineer

Austin, TX · On-site

$136K - $228K/yr

Role Overview eBay seeks an AI Offensive Security Engineer to proactively identify and exploit vulnerabilities in AI/ML systems before adversaries do. This is a hands-on technical role focused on ...

Offensive Security Engineer

Livingston, NJ · On-site

$165K - $242K/yr

As an Offensive Security Engineer at CoreWeave, you will lead efforts to identify and mitigate security risks across internal and external systems. You'll perform penetration testing, conduct threat ...

Senior Offensive Security Engineer

$117K - $160K/yr

Are you an experienced Senior Offensive Security Engineer that wants to work with cutting-edge cybersecurity technologies and contribute to enhancing our overall security posture? At Ivanti, we work ...

As an Offensive Security Engineer at CoreWeave, you will lead efforts to identify and mitigate security risks across internal and external systems. You'll perform penetration testing, conduct threat ...

Offensive Security Engineer

Tempe, AZ · On-site

$100K - $120K/yr

The Offensive Security Engineer is a hybrid role combining hands-on penetration testing, adversary simulation, and security engineering. This position is responsible for proactively identifying ...

next page

Showing results 1-20

Offensive Security Engineer information

See salary details

$61.5K

$152.8K

$205.5K

How much do offensive security engineer jobs pay per year?

As of Jul 18, 2026, the average yearly pay for offensive security engineer in the United States is $152,773.00, according to ZipRecruiter salary data. Most workers in this role earn between $143,000.00 and $158,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Offensive Security Engineers on the job?

Offensive Security Engineers often encounter challenges such as keeping up with rapidly evolving threats, maintaining deep technical knowledge across various technologies, and identifying vulnerabilities in large or complex systems. They must balance rigorous testing with minimal disruption to live systems, which requires careful planning and coordination with other teams. Additionally, translating technical findings into actionable recommendations that are understandable to both technical and non-technical stakeholders is a key part of the role. These challenges make adaptability, continuous learning, and strong communication skills especially important in this field.

How much do offensive security engineers make?

Offensive security engineers typically earn between $80,000 and $150,000 annually, depending on experience, certifications, and location. Senior roles or those with specialized skills in penetration testing and exploit development can earn higher salaries, often exceeding $150,000.

What does an Offensive Security Engineer do?

An Offensive Security Engineer is responsible for identifying and exploiting vulnerabilities in systems, networks, and applications to assess an organization's security posture. They conduct penetration testing, simulate real-world cyber attacks, and provide recommendations to strengthen defenses. Their work helps organizations proactively detect and mitigate security risks before malicious hackers can exploit them. They often use tools like Metasploit, Burp Suite, and custom scripts to test security controls.

What does an offensive security engineer do?

An offensive security engineer conducts simulated cyberattacks to identify vulnerabilities in computer systems, networks, and applications. They use tools like penetration testing and vulnerability assessment techniques to improve security defenses and often hold certifications such as OSCP or CEH. Their work involves ethical hacking, reporting security flaws, and helping organizations strengthen their cybersecurity posture.

Can you make $500,000 a year in cyber security?

Offensive Security Engineers with advanced skills, certifications like OSCP, and extensive experience can potentially earn $500,000 annually, especially in high-demand industries or senior roles. Achieving this level typically requires expertise in penetration testing, security tools, and often leadership responsibilities or consulting work.

What engineers make $500,000?

Senior offensive security engineers with extensive experience, specialized skills in penetration testing, and relevant certifications such as OSCP or CISSP can reach or exceed a $500,000 annual salary, especially in high-demand industries or senior leadership roles. Compensation often includes base salary, bonuses, and stock options, reflecting their expertise in cybersecurity and offensive security techniques.

What are the key skills and qualifications needed to thrive in the Offensive Security Engineer position, and why are they important?

Offensive Security Engineers need expertise in penetration testing, vulnerability assessment, networking, programming, and a solid understanding of security best practices, typically supported by a computer science degree or equivalent experience. Familiarity with tools like Metasploit, Burp Suite, Kali Linux, and certifications such as OSCP or CEH is highly valued. Strong problem-solving ability, effective communication, and a collaborative mindset help professionals excel in this dynamic field. These skills ensure the engineer can identify and exploit security weaknesses while clearly conveying findings to both technical teams and stakeholders, ultimately strengthening organizational security.

What cities are hiring for Offensive Security Engineer jobs? Cities with the most Offensive Security Engineer job openings:
What are the most commonly searched types of Offensive Security Engineer jobs? The most popular types of Offensive Security Engineer jobs are:
What states have the most Offensive Security Engineer jobs? States with the most job openings for Offensive Security Engineer jobs include:
Infographic showing various Offensive Security Engineer job openings in the United States as of July 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $152,773 per year, or $73.4 per hour.

Offensive Security Engineer

Jobgether

On-site, Remote

Full-time

PTO

Posted 10 days ago


Job description

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Offensive Security Engineer based in Netherlands.

This role offers the opportunity to strengthen cybersecurity defenses by proactively identifying vulnerabilities and simulating real-world attacks across a complex digital environment. As an Offensive Security Engineer, you will own external attack surface testing, reconnaissance activities, and adversary emulation initiatives to improve security resilience. You will work closely with security operations, infrastructure, network, and IT teams to transform offensive findings into practical defensive improvements. The position combines penetration testing, vulnerability research, automation, and security strategy in a remote-first technology environment. You will play a key role in improving perimeter protection, validating security controls, and helping build stronger defenses against evolving threats.

Accountabilities:
  • Monitor, map, and assess the organization's external attack surface, including domains, subdomains, websites, public IP ranges, and DNS configurations.
  • Conduct offensive security testing, penetration assessments, and reconnaissance activities to identify vulnerabilities across external-facing systems and infrastructure.
  • Perform adversary emulation exercises against endpoint environments to validate the effectiveness of EDR, XDR, and security monitoring solutions.
  • Assess the security posture of office infrastructure, network devices, physical hardware, and internal edge systems.
  • Execute scoped security testing on web applications and public APIs, identifying weaknesses and providing remediation guidance.
  • Collaborate with security and infrastructure teams to validate firewall rules, perimeter controls, segmentation policies, and defensive configurations.
  • Translate technical findings into actionable recommendations, vulnerability reports, remediation plans, and security improvements.
  • Develop repeatable security checks, improve asset tracking processes, and maintain visibility into exposure trends.
  • Track vulnerability metrics, remediation progress, attack simulation outcomes, and overall perimeter security health.
  • Support continuous improvement of offensive security practices through automation, documentation, and knowledge sharing.
Requirements
  • Proven experience in offensive security, penetration testing, vulnerability assessments, network security, or adversary emulation.
  • Strong understanding of external attack surface management, DNS security, public infrastructure exposure, and network reconnaissance techniques.
  • Hands-on experience testing Linux and Windows environments, including network services and infrastructure components.
  • Experience performing adversary simulations and evaluating security controls against modern endpoint detection and response platforms.
  • Familiarity with testing routers, switches, firewalls, corporate networks, and workplace IT infrastructure.
  • Ability to translate technical vulnerabilities and security risks into clear, practical remediation actions.
  • Experience identifying web application vulnerabilities and performing scoped API security testing.
  • Strong scripting skills using Python, PowerShell, Bash, or similar languages for automation and security workflows.
  • Knowledge of security testing and reconnaissance tools such as Nmap, Shodan, Censys, Masscan, Amass, Wireshark, Burp Suite, OWASP ZAP, or similar.
  • Experience working with security platforms and technologies such as Microsoft Defender XDR, CrowdStrike Falcon, SentinelOne, Atomic Red Team, or Caldera is highly valued.
  • Strong documentation, analytical, and communication skills with the ability to collaborate across technical teams.
  • Familiarity with tools including Kali Linux, DNS testing utilities, Git, Jira, Confluence, VPS environments, Linux/Windows servers, and network security technologies.
Benefits
  • Remote-first working environment with flexibility and autonomy.
  • Competitive salary package with quarterly individual performance-based bonuses.
  • 28 days of paid annual leave.
  • Flexible working schedule with core collaboration hours from 10:00 AM to 3:00 PM in your local time zone.
  • Referral bonuses and additional flash bonus opportunities.
  • High-quality equipment provided for your work.
  • Annual company retreats offering opportunities to connect and collaborate with colleagues globally.
  • Opportunity to work on challenging cybersecurity initiatives in a global technology environment.
How Jobgether works:
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
 Why Apply Through Jobgether? 
 
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
 
 
#LI-CL1
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
apply for this job