xelys jobs xelys jobs

Senior Security Engineer

Bitwarden

full-remoteseniorpermanentsecurity Santa Barbara, CA Today via LinkedIn

See how well this job matches your profile

Sign up to get an AI match score and generate a tailored application in seconds.

Get your match score

Tags

Security EngineeringPurple TeamPenetration TestingThreat ModelingVulnerability ManagementBurp SuiteNessusMetasploitOWASP ZAPOAuth OpenID Connect SAML

About the role

Role Overview

As a Senior Security Engineer at Bitwarden, you will perform and coordinate purple team security activities across Bitwarden products and services. You’ll combine offensive and defensive security skills to conduct threat research, penetration testing, code audits, security validation, and cryptography reviews.

Responsibilities

  • Conduct purple team testing, including:
    • Threat research and analysis
    • Penetration testing and security validation testing
    • Code audits and cryptography reviews
  • Support the security findings response process (report response, investigation, and triage)
  • Assist with remediation of vulnerabilities found through internal or external testing
  • Research threats across the surface web, dark web, and deep web
  • Build threat models, run threat hunts, and plan/execute purple team engagements
  • Coordinate internal red team testing operations that emulate threat actors
  • Collaborate with application developers, platform engineers, and SOC engineers to improve offensive and defensive controls
  • Perform and analyze vulnerability testing and contribute to incident response and analysis
  • Test security across web, mobile, CLI, and desktop across Bitwarden’s products and services (Password Manager, Secrets Manager, Passwordless.dev, APIs, serverless functions, databases)
  • Participate in security-focused code reviews and spread knowledge about security posture
  • Communicate findings, attack paths, and recommendations to stakeholders
  • Train others on adversary simulation tactics and procedures
  • Stay current with security trends, publications, and advisories
  • Provide security and technical operations subject matter expertise (including cloud environment analysis, security testing/documentation, investigations, tool/vendor security analysis)

Requirements

  • Experience with penetration testing tools (e.g., Burp Suite, NMAP, Nessus, Metasploit, Kali Linux, SQLMap, OWASP ZAP)
  • Strong knowledge of vulnerability management tools and strategies
  • Practical application security testing experience (plus)
  • Understanding of authentication concepts and flows, including OpenID Connect, SAML, OAuth, SSO

Nice-to-haves / Additional Signals

  • In-depth understanding and usage of application security testing technologies

Location / Eligibility

  • All-remote team; role requires you to be located in the U.S.
  • No visa sponsorship currently.

About Bitwarden

Bitwarden is a security-focused company that helps enterprises, developers, and individuals securely store and share sensitive data. It provides transparent, open-source password management, secrets management, and passwordless/passkey innovations. The company is headquartered in Santa Barbara, California and is supported by a global community of security experts.

View original listing Generate application

Scraped 4/8/2026

xelys jobs xelys jobs

Built for remote job seekers. Powered by AI.