Offensive Security Engineer

Description:

Ivanti is seeking a highly skilled and proactive Senior Offensive Security Engineer to join its global cybersecurity team. The role is critical to safeguarding Ivanti’s applications, networks, and systems by simulating real-world cyberattacks, managing vulnerability disclosure programs, and continuously strengthening the company’s security posture. This position offers an exceptional opportunity to work with cutting-edge technologies and collaborate with a talented, forward-thinking team in a fast-paced, innovative environment.

Key Responsibilities:

• Conduct advanced penetration testing and comprehensive security assessments on Ivanti’s applications, systems, and networks.

• Identify, analyze, and exploit security vulnerabilities, followed by detailed remediation guidance and risk mitigation strategies.

• Manage and optimize Ivanti’s Responsible Disclosure and Bug Bounty programs, including communication with external researchers, triaging vulnerabilities, and coordinating resolution efforts.

• Establish and refine processes for vulnerability intake, assessment, prioritization, and remediation tracking across internal and external stakeholders.

• Collaborate with development, operations, and product management teams to ensure effective remediation and prevention of security flaws.

• Track and report on the effectiveness of disclosure and remediation programs, including metrics on resolution rates, response times, and researcher satisfaction.

• Maintain ongoing relationships with the security research community, fostering participation and transparency in the disclosure process.

• Stay updated with emerging attack vectors, threat landscapes, and security frameworks to enhance testing methodologies and program maturity.

• Document findings and develop detailed penetration testing reports for presentation to management and technical teams.

• Contribute to Ivanti’s ongoing efforts to enhance its enterprise-wide information security policies and technical defense capabilities.

Qualifications and Skills:

• At least 5 years of relevant cybersecurity experience, emphasizing offensive security, penetration testing, and vulnerability assessment.

• Proven expertise in Responsible Disclosure Programs (VDP) and Bug Bounty management.

• Professional certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), or other equivalent credentials.

• Strong understanding of networking protocols, operating systems, and web application security.

• Proficiency in using security testing tools such as Metasploit, Nmap, Burp Suite, Nessus, and similar utilities.

• Deep knowledge of common cyber threats, attack vectors, and exploitation techniques.

• Excellent analytical, problem-solving, and critical-thinking skills.

• Strong written and verbal communication skills for preparing detailed reports and presenting findings to diverse audiences.

• Passion for continuous learning, staying abreast of the latest trends in cybersecurity, and advancing penetration testing techniques.

About Ivanti:

Ivanti is a global leader in IT asset management, security, and service automation solutions, enabling organizations to thrive in today’s dynamic “Everywhere Work” environment. With 36 offices across 23 nations, Ivanti’s mission is to secure, manage, and automate IT systems and devices worldwide, empowering businesses to work efficiently and securely—anywhere, anytime.

Ivanti’s culture is built on collaboration, inclusion, and innovation. The company promotes professional growth, values diverse perspectives, and fosters a work-life balance that supports both individual and organizational success.

Equal Employment Opportunity:

Ivanti is an equal opportunity employer committed to diversity, inclusion, and fair employment practices. All qualified applicants are considered without regard to race, color, religion, national origin, gender, age, disability, veteran status, or any other characteristic protected by law. Ivanti also provides accommodations for applicants with disabilities during the recruitment process.