​Viasat is seeking an experienced Offensive Security Engineer to simulate real-world cyberattacks against its diverse infrastructure, including hardware, service networks, satellite ground stations, and large-scale web/cloud applications. This role requires developing and executing custom exploits and providing clear, actionable risk assessments to both technical and executive audiences.

• ​Location: Remote in CA, AZ, MD, GA, or hybrid in several city offices.
• ​Salary Range: $107,500.00 – $170,500.00 annually (Higher in specific high-cost metropolitan areas).
• ​Required Experience: 3+ years of experience in offensive cybersecurity engineering, network penetration testing, threat emulation development, and web/cloud application security.
• ​Citizenship: US Citizenship required (Government focus).
• ​Travel: Ability to travel up to 10%.

​What You’ll Do: Attack Simulation and Tool Development

​The engineer’s day-to-day focuses on identifying and exploiting vulnerabilities across the entire Viasat ecosystem.

• ​Web and Cloud Testing: Conduct comprehensive security assessments of large-scale web applications, APIs, cloud environments (AWS, Azure, GCP), and supporting container infrastructure (Kubernetes, Docker).
• ​Network Penetration Testing: Conduct gray-box and closed system penetration tests on Viasat network infrastructure, including customer-facing networks, firewalls, and core ISP systems.
• ​Exploitation: Develop and execute custom exploits to demonstrate the impact of vulnerabilities, focusing on chaining multiple weaknesses into complex attack scenarios.
• ​Research and Tools: Stay current with the latest security trends and exploits. Develop custom scripts and tools to automate testing processes and improve efficiency.
• ​Reporting: Create high-quality, comprehensive reports that detail vulnerabilities, risk levels, and specific remediation recommendations for engineering teams.

​Required Skills

• ​Offensive Security Expertise: 3+ years in offensive cybersecurity engineering, network penetration testing, and threat emulation.
• ​Cloud & Containerization: Proficiency in cloud services and container technologies (AWS, Azure, GCP, Kubernetes, Docker).
• ​Web Languages: Experience with various web application development frameworks and languages (e.g., JavaScript, Python, Ruby, C, C++, REST, gRPC).
• ​Communication: Strong communications skills, adept at composing detailed reports and presenting technical briefings.

​Helpful Qualifications (Preferred)

• ​Bachelor’s degree in Cybersecurity or related engineering discipline.
• ​OSCP or OSWE certifications.