Senior Application Security Engineer (Offensive / Red Team)
$120,250–$181,250 year
Remote · California, United States or New York, United States
Job Summary
Senior Application Security Engineer (Offensive / Red Team) responsible for planning and leading offensive engagements against Shutterfly's applications and infrastructure, coordinating with Blue Team to drive Purple Team outcomes, applying AI/LLM-based tooling for offensive testing, managing a bug bounty program, and guiding secure development practices. Requires hands-on offensive security experience, Java proficiency, Burp Suite, and ability to collaborate with engineering, DevOps, and security teams to improve detections, responses, and secure coding practices. Note: visa sponsorship not available. Remote possible within US states where Shutterfly is registered to do business; must reside in eligible states.
Required Qualifications
- Bachelor's degree in computer science, cybersecurity, or a related technical field, or comparable hands-on experience
- Hands-on experience leading or performing offensive security work (web application penetration testing or Red Team engagements)
- Proficiency with AI/LLM tools for offensive security or testing
- Proficiency in one modern programming language (preferably Java)
- Strong analytical and problem-solving abilities with a risk-based security approach
- Advanced user of Burp Suite Pro; bonus for custom extensions in Java or Python
- Excellent communication and collaboration skills across teams
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.