Security Engineer (Pentesting, Incident Response & Investigations)
Talkdesk is pioneering a new era of Customer Experience Automation (CXA), redefining how the world’s most admired brands interact with their customers through AI. Our global team of courageous innovators is customer-obsessed, building AI-first solutions that put empathy, trust, and transparency at the center of every interaction. We foster an inclusive culture where diverse perspectives drive our success and every voice belongs. Combining the stability of a global leader with the agility of a disruptor, Talkdeskers are empowered with the autonomy to drive meaningful impact, while giving back to the communities and environment around us.
Talkdesk has been recognized as a Leader in the Gartner® Magic Quadrant™ for Contact Center as a Service (CCaaS) and in the G2 Overall Grid® Reports for AI Agents and Contact Center. With seven consecutive years on the Forbes Cloud 100 and multiple AI Breakthrough awards, there has never been a more exciting time to join us as we shape the future of customer experience automation!
At Talkdesk, we are courageous innovators focused on redefining customer experience, making the impossible possible for companies globally. We champion an inclusive and diverse culture representative of the communities in which we live and serve. We give back to our community by volunteering our time, supporting non-profits, and minimizing our global footprint. Each day, thousands of employees, customers, and partners around the world trust Talkdesk to deliver a better way to great experiences.
Our Engineering teams follow a micro-service architecture approach to build the next generation of Talkdesk, with autonomous vertical teams owning their services end to end. We promote agile and collaborative practices, value peer reviews, and believe that true authority comes from knowledge, not position. Respect, curiosity, and continuous learning are core to how we work.
Are you passionate about breaking things to make them safer?
As a Security Engineer focused on Pentesting, Incident Response, and Security Investigations, you will play a key role in detecting, investigating, and preventing security incidents while proactively identifying weaknesses across our platforms and applications.
What you’ll do
Depending on your profile and experience, your responsibilities may include:
- Perform manual and automated penetration testing of web applications, APIs, cloud-based systems, and AI/ML models.
Conduct security assessments of AI-driven features, focusing on risks like prompt injection, data leakage, and adversarial attacks.Conduct security investigations to identify root causes, attack paths, and impact of security incidents.Lead or actively participate in incident response, including detection, containment, eradication, and post-incident reviews.Analyze logs, telemetry, and forensic artifacts to support investigations and threat hunting activities.
- Triage, validate, and prioritize findings from internal and external penetration tests.
- Work closely with engineering teams to explain vulnerabilities, recommend pragmatic remediations, and verify fixes.
- Support the development and improvement of incident response playbooks and processes.
- Perform threat modeling (e.g., STRIDE) to identify realistic attack scenarios.
- Continuously research emerging threats, attack techniques, and exploitation methods relevant to our environment, including the evolving AI threat landscape.
- Act as a security subject-matter expert (SME) during incidents and high-risk technical discussions.
- Help improve Talkdesk’s overall security posture through lessons learned and proactive testing.
Must have
Strong knowledge of application and systems securitySolid understanding of web technologies, networking, and common attack vectorsPractical experience with penetration testing tools and techniques
- Experience with the OWASP Top 10 for LLMs and common AI exploitation patterns
Experience conducting security investigations and incident responseUnderstanding of OWASP Top 10 and common exploitation patterns
- Knowledge of cryptographic concepts and their practical use (and misuse)
- Linux/Unix proficiency
- Experience analyzing logs and security events
- Scripting or coding experience in at least one general-purpose language (e.g., Python, Ruby, Java)
- Excellent written and verbal communication skills, with the ability to explain complex security issues clearly
- Fluent in English (written and spoken)
- Strong analytical and critical-thinking skills
- Comfortable working in fast-paced, sometimes high-pressure situations
Nice to have
- Experience testing cloud-native environments, especially AWS
- Familiarity with microservices architectures and API security
- Experience with web and mobile application security testing
- Exposure to DAST, SAST, or IAST tools (hands-on or triage-focused)
- Experience performing application architecture security reviews
- Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS, OWASP, SANS)
- Relevant certifications such as OSCP, OSWE, GSEC, GCIA, CISSP, or CISM
- Familiarity with technologies like Git, Ruby, Kotlin, RabbitMQ, Redis, MongoDB, or PostgreSQL
Work Environment and Physical Requirements:
Primarily office-environment work, extended periods of sitting or standing, computer-based work. Limited lifting, and equipment usage limited to computer-related equipment (keyboards, mouse, etc.)