Honey is a fast-growing startup based in Los Angeles. Our online shopping platform offers users a smarter way to shop. Through a simple browser extension, we open up instant access to exclusive savings, deals, rewards and discovery, all powered by the collective knowledge of Honey’s community of online shoppers. We are helping millions save when they shop online, and we're hiring! We are actively seeking a Red Team Specialist to join the Engineering Team in our Los Angeles office.

  

About the Team:

Our team has the opportunity to break the cool things we build, and shape the direction the security program takes as a whole. Our focus is everything from what our users see to Honey offices are in scope.  Although Honey is a collaborative environment, this position is for a highly autonomous security expert who is excited about learning new technologies.

 

What You'll Do:

As a Red Team Specialist at Honey, you will:

  • Perform comprehensive, cyber security engagements on all Honey attack surfaces, from the office to the Cloud, while avoiding detection
  • Manually assess the security posture of our Extension, Web and Mobile clients
  • Evaluate and leverage automated tools that perform security assessments
  • Evaluate the security posture of third-party integrations and partnerships
  • Translate red team engagement findings into actionable items for both technical and executive audiences
  • Create POC’s for vulnerabilities found in Honey
  • Create technically flexible remediation strategies for vulnerabilities
  • Work with the security development team to automate security assessments
  • Research previously unknown vulnerabilities in Honey’s infrastructure
  • Lead threat modeling and tabletop exercises
  • Evaluate and contribute to Honey’s overall security strategy

Secondary Responsibilities

  • Assist with forensics, incident response and reverse engineering
  • Deploy security assessment and monitoring tools
  • Lead secure code trainings
  • Integrate security tools in the CI/CD and SDLC processes
  • Develop and/or extend scripts to enhance Honey’s security assessment tools and processes
  • Assist with the Security Operations Center

About You:

  • 3+ years of Red Team experience
  • Possess a high level of proficiency in web, browser and mobile security
  • Possess a high level of proficiency in the penetration testing process
  • Strong understanding of system and application vulnerability classes
  • Well rounded knowledge in security tools, software and processes
  • Knowledge in identity access, access control, network/host intrusion detection, intrusion prevention and patch management tools
  • Knowledge of Cloud, Containers and Container Orchestration tools
  • Proficiency in one or more scripting languages: Perl, Python, Powershell, Ruby, etc
  • Knowledge of regulatory security frameworks
  • Ability to write clearly and concisely for both technical and executive audiences

 

Honey is an equal opportunity employer. We are committed to building a diverse and inclusive company. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, disability status or genetic information, in compliance with applicable federal, state and local law.

 

 

Apply for this Job

* Required
(Optional)
Almost there! Review your information then click 'Submit Application' to apply.

File   X
File   X