Adversarial Security Engineer

About Prelude

Prelude is a technology company that helps organizations proactively ask questions of their security systems to know if their defenses are protecting them from the latest threats. Built around the notion of visibility, our products conduct continuous probing that elicits answers to questions ranging from basic health checks to vulnerability to latest threats - across production environments. We are focused on bringing innovation to detection engineering, with custom detections and responses being brought to the user at machine speed.

Role

Prelude is seeking to expand our security team with highly technical security engineers. The Security Engineering team is primarily responsible for the development of tests and other offensive security content. Additionally, the team develops our probes and conducts research in support of test development.

Our ideal candidate has a strong background in offensive and defensive security, ideally as part of a red or purple team. The candidate should have a strong grasp on modern offensive tradecraft and tooling, EDR, and operating system internals. Experience in the following areas is highly preferred:

• Disassemblers (IDA, Ghidra, etc.)

• Debuggers (WinDbg, x64dbg, etc)

• Go programming

• Systems programming languages (C, C++, or Rust)

• Development using the Win32 API

• Malware development or reverse engineering

• Detection engineering

You will be working with a team of adversarial security experts and former intelligence/military offensive security engineers with a firm commitment to the mission of helping to protect organizations through making advanced security more accessible.

Job Duties

• Design, test, and deploy verified security tests (for an example, please reference our demo)

• Develop and maintain probes, our lightweight endpoint processes that knows how to run security tests

• Conduct security and operating system internals research to identify novel attack techniques

• Synthesize intelligence reporting to guide the structure of replicative tests and ensure coverage of observed adversary tactics

• Use collected attack metadata to build a continuously improving set of adversaries that can learn and adapt to its target

• Keep a pulse on the threat landscape to identify emerging threats, attacks, and novel techniques

• Assist with API testing and static code analysis as needed

• Assist with customer or user questions as needed

Skills & Experience

• 7+ years experience in a red/purple team capacity

• Ability to develop software and an aptitude for learning new programming languages

• Experience using offensive (Cobalt Strike, Nighthawk, BRC4) and defensive (SIEMs, EDRs) security tools and platforms

• Demonstrable expertise in one or more major operating systems (Windows, Linux, or macOS)

• Ability and willingness to generate high-quality technical content to be presented at conferences or shared via blog post

• Ability and willingness to mentor others on the team

Working at Prelude

Prelude is a Sequoia-backed team distributed across the US & Canada that takes pride in high-quality and rapid product development. We get together a few times a year for department based initiatives, company offsites, and encourage co-working when possible.

We offer generous healthcare coverage for individuals and dependents, have flexible PTO, and actively encourage our team to take time off to decompress. We also offer equipment and educational reimbursements.

We recognize the deep-rooted issues of homogeneity in the tech industry and highly encourage people of all backgrounds and life experiences to apply. We're striving to build a product that's accessible and useful for everyone, and firmly believe that diversity within our team is important in that pursuit.