
Security Engineer

Location: Remote, US
Employment type: Full-time

We're looking for a security engineer who can find vulnerabilities, test defenses, and help our clients understand what attackers actually see when they look at their systems.

As a Security Engineer at Insight Security, you'll be the person who finds the gaps before someone else does. You'll conduct penetration tests against web applications, APIs, networks, and cloud environments. You'll simulate real-world attacks and help clients understand not just what's broken, but why it matters and how to fix it.

This role goes beyond running scans and writing reports. We're looking for someone who can dig deep, chain vulnerabilities together, and find the issues that automated tools miss. You'll work closely with clients to explain your findings in plain language and help them prioritize remediation based on actual risk.

You'll also have the opportunity to work on red team engagements and purple team exercises, and to help clients improve their detection and response capabilities. The work is varied, and you'll have real input into how we approach technical testing.

What you'll do

  • Conduct penetration tests against web applications, APIs, mobile apps, and network infrastructure
  • Assess cloud environments (AWS, Azure, GCP) for misconfigurations and security weaknesses
  • Perform red team engagements that simulate realistic attack scenarios across multiple vectors
  • Lead purple team exercises with client security teams to improve detection capabilities
  • Write clear, actionable reports that explain vulnerabilities and remediation steps
  • Present findings to technical teams and leadership, translating risk into business terms
  • Stay current on attack techniques, tools, and emerging threats
  • Contribute to building our testing methodologies and internal tooling

What we're looking for

  • 4+ years of hands-on experience in penetration testing or offensive security
  • Strong understanding of web application vulnerabilities beyond the OWASP Top 10
  • Experience testing cloud environments and understanding cloud-specific attack vectors
  • Familiarity with network protocols, Active Directory, and common enterprise technologies
  • Ability to write clear reports that communicate risk to both technical and non-technical audiences
  • Scripting ability in Python, Bash, or similar languages
  • A mindset that goes beyond running tools to actually understanding what you're finding

Nice to have

  • Experience with red team operations and adversary simulation
  • Familiarity with the MITRE ATT&CK framework
  • Experience testing AI/ML applications or LLM-powered systems
  • Bug bounty experience or published security research
  • Certifications like OSCP, OSWE, or similar (helpful but not required)

What we offer

  • Competitive salary and equity
  • Fully remote work
  • Health, dental, and vision insurance
  • Unlimited PTO (and we actually use it)
  • Home office stipend
  • Professional development budget
  • 401(k) with company match
  • Flexible schedule

Interested?

Send your resume and a few sentences about why you're interested. We read every application and respond to everyone.
