Sr. Offensive Security Engineer

Organization icon

Rivian

Location icon

Palo Alto, CA, United States

Apply now
Clock icon

About Us:
Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract.

As a company, we constantly challenge what’s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations.
Role Summary:

You’ll have the opportunity to see the big picture and engage in activities that span offensive security testing and architecture review, collaborating closely with product and engineering teams to build secure and resilient solutions.


This is a hands-on role that demands a deep understanding of attack vectors, a proactive approach to finding vulnerabilities, and the ability to work strategically to influence security architecture and design.


Why You Might Love This Role

  • Impact-Driven: You’ll work across a variety of environments and influence the security direction of critical projects.
  • Innovative Team: Join a red team that doesn’t follow the conventional playbook—our focus is on continuously evolving offensive security in the cloud, OT, and enterprise environments.
  • Collaborative Culture: Work closely with engineers, product managers, and architects who care about building secure solutions from the ground up.
  • Big-Picture Thinking: You’ll have the freedom to not only think like an attacker but also shape the security architecture to preemptively thwart those attacks.


Why You Might Not Want This Role

  • This isn’t a traditional red team job focused only on adversarial simulations. You'll spend a lot of time collaborating with product and engineering teams and reviewing architecture.
  • You’re primarily interested in hacking vehicles. This role is focused on everything but the vehicles. Rivian has its own dedicated product security team focused on the security of the vehicles themselves.
  • The focus is on cloud, OT, and enterprise networks, so this may not be the right fit if you prefer a narrow scope of red teaming activities.
Responsibilities:
  • Red Team Operations: Lead red teaming exercises across a diverse range of environments, including cloud, OT, and enterprise networks.
  • Simulate adversarial attacks to identify vulnerabilities in systems, infrastructure, and applications.
  • Architecture Review: Work with product and engineering teams to review and improve the security of architecture designs. Identify weaknesses before implementation and provide actionable guidance to mitigate risks.
  • Big Picture Thinking: Look beyond individual systems to understand the holistic security posture, continuously seeking areas for improvement across the organization's technology landscape.
  • Cross-Team Collaboration: Engage with various teams—cloud infrastructure, Software Engineering, product, and OT operations—to ensure security is embedded into every stage of development and deployment.
Qualifications:
  • Generalist Mindset: You have a broad understanding of offensive security, seeing how cloud, OT, and enterprise networks intersect, and you thrive on identifying complex, multi-faceted security gaps.
  • Offensive Security Expertise: Experience leading red team assessments, including network, application, and cloud infrastructure security testing.
  • Architecture Review Experience: Ability to work with and influence product and engineering teams in designing secure systems. You understand how security considerations affect overall architecture.
  • Cloud & OT Focus: Hands-on experience with cloud security, as well as an understanding of operational technology (OT) environments and their unique security challenges.
  • Collaboration Skills: Strong communication skills, capable of translating technical security risks into actionable solutions for product, engineering, and executive teams.
  • Automation & Tooling: Experience with developing custom tools, scripts, or frameworks to assist in offensive security testing and automate repetitive tasks.
Pay Disclosure:

Salary Range/Hourly Rate for California Based Applicants: $148,800.00 - $187,200.00 (actual compensation will be determined based on experience, location, and other factors permitted by law)


Benefits Summary: Rivian provides robust medical/Rx, dental and vision insurance packages for full-time employees, their spouse or domestic partner, and children up to age 26. Coverage is effective on the first day of employment, and Rivian covers most of the premiums.

Company Statements:

Equal Opportunity

Rivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.

Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at candidateaccommodations@rivian.com.

Candidate Data Privacy

Rivian may collect, use and disclose your personal information or personal data (within the meaning of the applicable data protection laws) when you apply for employment and/or participate in our recruitment processes (“Candidate Personal Data”). This data includes contact, demographic, communications, educational, professional, employment, social media/website, network/device, recruiting system usage/interaction, security and preference information. Rivian may use your Candidate Personal Data for the purposes of (i) tracking interactions with our recruiting system; (ii) carrying out, analyzing and improving our application and recruitment process, including assessing you and your application and conducting employment, background and reference checks; (iii) establishing an employment relationship or entering into an employment contract with you; (iv) complying with our legal, regulatory and corporate governance obligations; (v) recordkeeping; (vi) ensuring network and information security and preventing fraud; and (vii) as otherwise required or permitted by applicable law.

Rivian may share your Candidate Personal Data with (i) internal personnel who have a need to know such information in order to perform their duties, including individuals on our People Team, Finance, Legal, and the team(s) with the position(s) for which you are applying; (ii) Rivian affiliates; and (iii) Rivian’s service providers, including providers of background checks, staffing services, and cloud services.

Rivian may transfer or store internationally your Candidate Personal Data, including to or in the United States, Canada, the United Kingdom, and the European Union and in the cloud, and this data may be subject to the laws and accessible to the courts, law enforcement and national security authorities of such jurisdictions.

Please note that we are currently not accepting applications from third party application services.