Senior Offensive Security Engineer

Who We Are HP IQ is HP's new AI innovation lab. Combining startup agility with HP's global scale, we're building intelligent technologies that redefine how the world works, creates, and collaborates. We're assembling a diverse, world-class team-engineers, designers, researchers, and product minds-focused on creating an intelligent ecosystem across HP's portfolio. Together, we're developing intuitive, adaptive solutions that spark creativity, boost productivity, and make collaboration seamless.

We create breakthrough solutions that make complex tasks feel effortless, teamwork more natural, and ideas more impactful-always with a human-centric mindset. By embedding AI advancements into every HP product and service, we're expanding what's possible for individuals, organisations, and the future of work. Join us as we reinvent work, so people everywhere can do their best work. About

The Role As an Offensive Security Engineer within HP IQ's Product Security team, you will partner closely with engineering teams to identify, validate, and mitigate security risks across the product lifecycle. You'll influence design decisions, embed security into development workflows, and continuously assess attack surfaces to guide and enhance secure development. What You Might Do
* Lead penetration tests and security assessments for product and feature releases.
* Conduct continuous security engagements, proactively identifying vulnerabilities and driving remediation to closure.
* Advise engineering and product teams on remediation strategy, validating fixes and tracking measurable improvements to security posture over time.
* Assess attack surfaces across internet-facing services, APIs, and device interfaces (Wi-Fi, BLE, USB).
* Perform threat modeling and security architecture reviews that directly shape product decisions.
* Define and lead end-to-end risk reduction initiatives with internal and external stakeholders, aligning offensive findings to strategic security investments.
* Shape the offensive security roadmap, defining assessment scope, tooling, and methodology standards. Essential Qualifications
* 5+ years of experience as an offensive security engineer or equivalent.
* Experience threat modeling (e.g., STRIDE) and mapping adversary techniques (e.g., MITRE ATT&CK).
* Expertise in identifying and exploiting common vulnerabilities (e.g., OWASP Top 10, SANS 25).
* Hands-on experience testing embedded systems, firmware, and device software, including boot loader security, OS hardening, and low-level interface exploitation (e.g., JTAG, UART, SPI/I2C).
* Demonstrated experience with hardware-assisted attack techniques such as fault injection, side-channel analysis, and glitching, using tools like Chip Whisperer, OpenOCD, Ghidra, Binwalk.
* Proficiency in at least one modern language (Go, Python, Java, or Type Script), applied to building offensive tooling, exploits, or automation.
* Ability to communicate security findings, risk posture, and strategic recommendations to both engineering teams and executive stakeholders. Preferred Skills *

Experience securing AI products or edge-connected systems at scale.
* Experience building or maturing an offensive security practice within a product-focused organization.
* Experience validating technical controls to meet compliance standards such as SOC 2, ISO 27001, or PCI DSS.
* Experience formalizing secure-by-design standards across diverse environments, including applications, cloud services, and device software, translating principles into enforceable controls and engineering patterns.
* Security research background with demonstrated findings, CVE disclosures, or public contributions to the offensive security community.
* Track record of driving cross-functional security outcomes without direct authority, including aligning engineering and product roadmaps to offensive findings. Salary: $180,000- $250,000 Compensation & Benefits (Full-Time Employees) The salary range for this role is listed above. Final salary offered is based upon multiple factors including individual job-related qualifications, education, experience, knowledge and skills. At HP IQ, we offer a…