Senior Offensive Security Engineer with Security ...

Job Description One team. Global challenges. Infinite opportunities. At Viasat, we''re on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We''re looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team. Job Responsibilities Threat Intelligence Research: lead the charge on analyzing cybersecurity attacks including RF against Software Defined Radios, trends, and methodologies using unclassified/classified Threat Intelligence. This includes working with government/academic/commercial researchers and institutions, operational technology research labs, commercial companies and public and private cybersecurity information sharing groups (e.g., ISACs) to research and investigate in more detail vulnerabilities including zero days and techniques that could impact critical national infrastructure, defense, and our networks. Collaborate with a cross-functional team of the engineering, data science, product management, product marketing, and senior leadership to enhance the company''s detection and response capabilities. Active and hands-on participation in Red Team Exercises and Penetration Testing: employ simulated adversary threat-based approaches to expose and exploit vulnerabilities and weaknesses to improve the security of both ours and customer products and networks. Replicate tactics and techniques used by modern attackers, common network exploitation and penetration techniques as well as common software exploitation techniques. Develop attack plans to meet the specified objectives and coordinate with other Red Team Operators to achieve these goals. Provide constructive feedback to the defenders and product teams on their successes and failures. Make automation and security assessment tool development and implementation recommendation that assist with Red Team exercises and Penetration Testing. Requirements Engineering, Physics, Mathematics, Computer Science Degree, or other technical degreeProficiency in PowerShell, Python, C, C, Go or other to build and extend toolsets Experience with network security test tools and scanners ranging from nmap, Netsparker, Nessus, to Metasploit and Cobalt StrikeUnderstanding of networking protocols with a preference for secure ones like SSH, HTTPS, TLS, IpSec, and othersFamiliarity with Digital Signal Processing and/or RF telecommunications with a preference for experience with SATCOM using GNURaio or MatLabUnderstanding of security vulnerabilities and common software engineering flaws Infrastructure, product, and/or application level penetration or Red Team testing experience Knowledge of attacker lifecycles and defender strategies A desire for continued learning, research, and expansion of skillsets essential to the roleA Subject Matter Expert for Red Team/Penetration Testing activities, technologies, and toolsMust have the ability to maintain an "Aggressive, Outsider Mindset" to "Think like an Attacker"Experience with Linux/embedded Linux/RTOS Active Secret clearance Occasional Travel up to 10%US citizenship Preferences Advanced offensive security certifications (i.e., OSCP/OSEP)SW engineering experienceDeveloping custom exploitsWhite box testing and exploitation analysis using source code analysisBlack box testing and exploitation analysis using reverse engineering and protocol fuzzingActive TS/SCI clearance Experience with reverse engineering products and/or softwareExperience with satellite communications systems/terminalsExperience with Software Defined Radio tools such as GNURadioExperience with Operational Technology (OT) assessmentsDemonstrate proficiency in system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structure Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)Excellent written and verbal communication skills with the ability to communicate at a technical and business user level

Created: 2025-11-15