Prelude is a technology company that helps organizations proactively ask questions of their security systems to know if their defenses are protecting them from the latest threats. Built around the notion of visibility, our products conduct continuous probing that elicits answers to questions that range from basic health checks to vulnerability to latest threats - across production environments.

Role

Prelude is seeking to expand our security team with highly technical security engineers. The Security Engineering team is primarily responsible for the development of tests and other offensive security content. Additionally, the team develops our probes and conducts research in support of test development.

Our ideal candidate has a strong background in offensive and defensive security, ideally as part of a red or purple team. The candidate should have a strong grasp on modern offensive tradecraft and tooling, EDR, and operating system internals. Experience in the following areas is highly preferred:

Disassemblers (IDA, Ghidra, etc.)
Debuggers (WinDbg, x64dbg, etc)
Go programming
Systems programming languages (C, C++, or Rust)
Development using the Win32 API
Malware development or reverse engineering
Detection engineering

You will be working with a team of adversarial security experts and former intelligence/military offensive security engineers with a firm commitment to the mission of helping to protect organizations through making advanced security more accessible.

Job Duties

Design, test, and deploy verified security tests (for an example, please reference our demo)
Develop and maintain probes, our lightweight endpoint processes that knows how to run security tests
Conduct security and operating system internals research to identify novel attack techniques
Synthesize intelligence reporting to guide the structure of replicative tests and ensure coverage of observed adversary tactics
Use collected attack metadata to build a continuously improving set of adversaries that can learn and adapt to its target
Keep a pulse on the threat landscape to identify emerging threats, attacks, and novel techniques
Assist with API testing and static code analysis as needed
Assist with customer or user questions as needed

Skills & Experience

7+ years experience in a red/purple team capacity
Ability to develop software and an aptitude for learning new programming languages
Experience using offensive (Cobalt Strike, Nighthawk, BRC4) and defensive (SIEMs, EDRs) security tools and platforms
Demonstrable expertise in one or more major operating systems (Windows, Linux, or macOS)
Ability and willingness to generate high-quality technical content to be presented at conferences or shared via blog post
Ability and willingness to mentor others on the team

Working at Prelude

Prelude is a Sequoia-backed team distributed across the US & Canada that takes pride in high-quality and rapid product development. We get together a few times a year for company offsites, and encourage co-working when possible.

We offer generous healthcare coverage for individuals and dependents, have unlimited PTO, and actively encourage our team to take time off to decompress. We also offer equipment and educational reimbursements.

We recognize the deep-rooted issues of homogeneity in the tech industry and highly encourage people of all backgrounds and life experiences to apply. We're striving to build a product that's accessible and useful for everyone, and firmly believe that diversity within our team is important in that pursuit.