Senior Security Engineer

Security Engineer (Pentesting, Incident Response & Investigations)

Our Engineering teams follow a micro-service architecture approach to build the next generation of Talkdesk, with autonomous vertical teams owning their services end to end. We promote agile and collaborative practices, value peer reviews, and believe that true authority comes from knowledge, not position. Respect, curiosity, and continuous learning are core to how we work.

Are you passionate about breaking things to make them safer?

As a Security Engineer focused on Pentesting, Incident Response, and Security Investigations, you will play a key role in detecting, investigating, and preventing security incidents while proactively identifying weaknesses across our platforms and applications.

What you’ll do

Depending on your profile and experience, your responsibilities may include:

• Perform manual and automated penetration testing of web applications, APIs, cloud-based systems, and AI/ML models.

Conduct security assessments of AI-driven features, focusing on risks like prompt injection, data leakage, and adversarial attacks. Conduct security investigations to identify root causes, attack paths, and impact of security incidents.Lead or actively participate in incident response, including detection, containment, eradication, and post-incident reviews. Analyze logs, telemetry, and forensic artifacts to support investigations and threat hunting activities.

• Triage, validate, and prioritize findings from internal and external penetration tests.
• Work closely with engineering teams to explain vulnerabilities, recommend pragmatic remediations, and verify fixes.
• Support the development and improvement of incident response playbooks and processes.
• Perform threat modeling (e.g., STRIDE) to identify realistic attack scenarios.
• Continuously research emerging threats, attack techniques, and exploitation methods relevant to our environment, including the evolving AI threat landscape.
• Act as a security subject-matter expert (SME) during incidents and high-risk technical discussions.
• Help improve Talkdesk’s overall security posture through lessons learned and proactive testing.

Must have

Strong knowledge of application and systems security. Solid understanding of web technologies, networking, and common attack vectors. Practical experience with penetration testing tools and techniques

• Experience with the OWASP Top 10 for LLMs and common AI exploitation patterns

Experience conducting security investigations and incident responseUnderstanding of OWASP Top 10 and common exploitation patterns

• Knowledge of cryptographic concepts and their practical use (and misuse)
• Linux/Unix proficiency
• Experience analyzing logs and security events
• Scripting or coding experience in at least one general-purpose language (e.g., Python, Ruby, Java)
• Excellent written and verbal communication skills, with the ability to explain complex security issues clearly
• Fluent in English (written and spoken)
• Strong analytical and critical-thinking skills
• Comfortable working in fast-paced, sometimes high-pressure situations

Nice to have

• Experience testing cloud-native environments, especially AWS
• Familiarity with microservices architectures and API security
• Experience with web and mobile application security testing
• Exposure to DAST, SAST, or IAST tools (hands-on or triage-focused)
• Experience performing application architecture security reviews
• Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS, OWASP, SANS)
• Relevant certifications such as OSCP, OSWE, GSEC, GCIA, CISSP, or CISM
• Familiarity with technologies like Git, Ruby, Kotlin, RabbitMQ, Redis, MongoDB, or PostgreSQL

 

Pay Range (Base Pay):   $124,500 - $187,000

Other Types of Pay: Based on level and role the employee may be eligible for long term incentives in the form of equity and short term incentives of either bonus or commission. 

Health Insurance: Medical, Dental, Vision, Life and Disability Insurance, Employee Assistance Program (EAP).

Retirement Benefits: 401(k) plan

Paid Time Off: Talkdesk offers an uncapped paid time off program for exempt employees and an accrual-based program for non-exempt employees; both are subject to manager approval and consistent with business needs.

Paid Holidays: Talkdesk offers 14 paid holidays each year. 

Paid Sick Leave: Exempt employees have uncapped paid time off and non-exempt sick leave follows accrual standards; both are subject to manager approval and consistent with business needs.

Method of Application: Apply online.

Application Window: The application window is expected to close at least 7 days from the posting date. The application was posted on 04/29/2026.

Benefits and perks listed above may vary based on the nature of your employment with Talkdesk.

All questions or concerns about this posting should be directed to the Talent team at Talent@talkdesk.com.