Senior Offensive Security Engineer

Senior Engineer, Offensive Security

Employment Type: Full time

Position Overview

Become a part of our caring community and help us put health first. The Senior Engineer, Offensive Security, executes high-fidelity threat actor and control validation campaigns within our BAS program. This role influences functional area strategy through technical expertise, operates with considerable autonomy on moderately complex assignments, and makes recommendations to leadership based on advanced knowledge and experience. The position focuses on Breach and Attack Simulation (BAS) operations, campaign delivery, and detailed analysis, while also contributing to the overall direction of the program.

The Bigger Picture

Join a 100% remote, highly specialized offensive security team where you will have access to Hack The Box Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets. These resources will enable you to continuously advance your expertise while working on industry-leading BAS challenges at scale. You will be part of Cyber Threat Simulation (CTS), collaborating with Red Team, Penetration Testing, and Bug Bounty professionals—highly specialized experts who identify vulnerabilities so the business can address them proactively. Fridays are dedicated to research and development, allowing the team to pursue training in emerging offensive security technologies, tools, large language models (LLMs), artificial intelligence, and other relevant topics.

Mission & Impact

Run high-fidelity threat-actor and control-validation campaigns, maintain agent health, convert raw BAS platform test results into actionable findings, and track them in the enterprise risk management platform. You will leverage your offensive security expertise to determine the most effective approach for executing simulations, design appropriate test cases for specific security countermeasures, and manage multiple projects simultaneously.

Your week includes:

• Reviewing the latest products from the Threat Intelligence team on a specific threat actor.
• Chaining custom Tactics, Techniques, and Procedures (TTPs) for a Threat Simulation.
• Developing complementary custom test cases using the platform’s Python API.
• Initiating a bi-weekly Security Baseline.
• Collaborating with SIEM Engineering to tune detection logic after analyzing recent baseline results.
• Writing concise findings for documentation in the enterprise risk management system.
• Conducting in-depth analysis of IOC Validation gaps.

Why it matters: Every campaign you launch identifies real-world weaknesses before attackers can exploit them, providing Engineering and Threat Management and Response teams with valuable data to strengthen security countermeasures, review architectural and strategic security decisions, and enhance our overall security posture.

You’ll excel in this role if:

• You are proficient in Python.
• You enjoy transforming cyber threat intelligence into high-fidelity TTPs.
• You thrive at mapping attacker behavior to potential detection telemetry.
• You prefer presenting evidence-based dashboards over debating hypotheticals.

Key Responsibilities

Campaign Delivery:

• Build and execute threat-actor and control-validation campaigns using the BAS platform's pre-built threat simulation libraries.
• Supplement campaigns with custom test cases developed through the Python API to address specific TTPs not covered by the vendor.
• Ensure campaigns meet service level agreements, such as a two-week turnaround for pre-built threat simulations.
• Operate with limited guidance on moderately complex campaign development.

Tool Operation & Tuning:

• Maintain agents, payload sets, and scheduling with considerable autonomy.
• Automate bi-weekly security baseline runs.
• Create synthetic unit tests when there are changes in countermeasure configurations or architecture.
• Apply advanced technical knowledge to resolve complex issues.

Data & Reporting:

• Draft actionable findings.

Salary

• Not specified

Location Type

• Not specified