Security Engineer (Pentesting, Incident Response & Investigations)

At Talkdesk, we are courageous innovators focused on redefining customer experience, making the impossible possible for companies globally. We champion an inclusive and diverse culture representative of the communities in which we live and serve. We give back to our community by volunteering our time, supporting non-profits, and minimizing our global footprint. Each day, thousands of employees, customers, and partners around the world trust Talkdesk to deliver a better way to great experiences.

Our Engineering teams follow a micro-service architecture approach to build the next generation of Talkdesk, with autonomous vertical teams owning their services end to end. We promote agile and collaborative practices, value peer reviews, and believe that true authority comes from knowledge, not position. Respect, curiosity, and continuous learning are core to how we work.

Are you passionate about breaking things to make them safer?

As a Security Engineer focused on Pentesting, Incident Response, and Security Investigations, you will play a key role in detecting, investigating, and preventing security incidents while proactively identifying weaknesses across our platforms and applications.

• →Perform manual and automated penetration testing of web applications, APIs, cloud-based systems, and AI/ML models.
• →Conduct security assessments of AI-driven features, focusing on risks like prompt injection, data leakage, and adversarial attacks.
• →Conduct security investigations to identify root causes, attack paths, and impact of security incidents.
• →Lead or actively participate in incident response, including detection, containment, eradication, and post-incident reviews.
• →Analyze logs, telemetry, and forensic artifacts to support investigations and threat hunting activities.

• →Triage, validate, and prioritize findings from internal and external penetration tests.
• →Work closely with engineering teams to explain vulnerabilities, recommend pragmatic remediations, and verify fixes.
• →Support the development and improvement of incident response playbooks and processes.
• →Perform threat modeling (e.g., STRIDE) to identify realistic attack scenarios.
• →Continuously research emerging threats, attack techniques, and exploitation methods relevant to our environment, including the evolving AI threat landscape.
• →Act as a security subject-matter expert (SME) during incidents and high-risk technical discussions.
• →Help improve Talkdesk’s overall security posture through lessons learned and proactive testing.

• Strong knowledge of application and systems security
• Solid understanding of web technologies, networking, and common attack vectorsPractical experience with penetration testing tools and techniques
• Experience with the OWASP Top 10 for LLMs and common AI exploitation patterns
• Experience conducting security investigations and incident responseUnderstanding of OWASP Top 10 and common exploitation patterns

• Knowledge of cryptographic concepts and their practical use (and misuse)
• Linux/Unix proficiency
• Experience analyzing logs and security events
• Scripting or coding experience in at least one general-purpose language (e.g., Python, Ruby, Java)
• Excellent written and verbal communication skills, with the ability to explain complex security issues clearly
• Fluent in English (written and spoken)
• Strong analytical and critical-thinking skills
• Comfortable working in fast-paced, sometimes high-pressure situations

• Experience testing cloud-native environments, especially AWS
• Familiarity with microservices architectures and API security
• Experience with web and mobile application security testing
• Exposure to DAST, SAST, or IAST tools (hands-on or triage-focused)
• Experience performing application architecture security reviews
• Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS, OWASP, SANS)
• Relevant certifications such as OSCP, OSWE, GSEC, GCIA, CISSP, or CISM
• Familiarity with technologies like Git, Ruby, Kotlin, RabbitMQ, Redis, MongoDB, or PostgreSQL