Mailchimp is a leading marketing platform for small businesses. We empower millions of customers around the world to build their brands and grow their companies with a suite of marketing automation, multichannel campaigns, CRM, and analytics tools. Mailchimp's Security Engineering team is looking for a passionate, self-motivated Senior Offensive Security Engineer to be responsible for performing regular and proactive tests against Mailchimp's applications and code. A person in this role will lead different initiatives requiring cross-team collaboration and great communication skills. As a member of the Offensive Security team you will be exposed to multiple different technologies and presented with various learning opportunities to expand your knowledge base. In addition to that the Senior Penetration Tester will lead, mentor, and grow junior team members.

A great candidate for this role is someone who likes representing their team, fostering and forming relationships, leading different initiatives and projects, mentoring fellow team members.

Responsibilities

• Lead and perform offensive security tests per defined cadence on one or more of the following products: web applications, mobile applications, APIs, internal and external networks.
• Participate in the Vulnerability Management Program by triaging findings and validating fixes (sources include bug bounty, responsible disclosure, and similar programs).
• Engage with different audiences across the organization to help articulate the testing process, help interpret the findings, and help make technical decisions.
• Develop new techniques to identify vulnerabilities in new products and help improve them.
• Perform application architecture reviews, evaluate risks, and act as a technical advisor.
• Participate in an on-call rotation for security incidents and assist in incident response processes.
• Lead different initiatives, mentor junior members of the team.