Manager, Attack Engineering

Horizon3.ai, Inc.

Job Overview

Location

US, Remote

Job Type

Full-time

Full Job Description

📋 Description

• Lead and grow a team of Attack Engineers specializing in cloud providers, container orchestration platforms, and AI systems (AWS, Azure, OCI, GCP, Kubernetes), setting technical direction, priorities, and quality standards for cloud offensive capabilities while mentoring engineers and driving hiring and organizational scaling as the Cloud Ops team expands.
• Own offensive strategy across AWS, Azure, OCI, GCP and multi-cloud environments, Kubernetes and container ecosystems, identity, access, and enterprise platform layers, and AI/LLM-integrated systems, guiding development of end-to-end attack methodologies from discovery through exploitation, privilege escalation, lateral movement, impact, and verification to ensure NodeZero capabilities are realistic, production-safe, and aligned with modern attacker tradecraft.
• Partner with Product and Design to translate field insights into prioritized roadmap input and productized capabilities, creating tight feedback loops between real-world attack findings and platform evolution, and helping define next-generation attack surfaces across cloud and AI systems.
• Oversee high-impact customer engagements and technical briefings, ensuring clear articulation of exploitability, business impact, and remediation, and contributing to external content such as blogs, demos, and thought leadership where appropriate.
• Balance hands-on technical depth with strategic leadership, operating at the intersection of offensive security, engineering, and product to drive both technical direction and strategic execution, maintaining high standards for quality, safety, and customer trust while serving as a strong cross-functional partner across Engineering, Product, and GTM.
• Foster a culture of respect, collaboration, ownership, and results as part of a team of former U.S. Special Operations cyber operators, startup engineers, and formerly frustrated cybersecurity practitioners committed to solving ineffective security tools, false positives, blind spots, checkbox security culture, cybersecurity skills shortage, and the long lead time and expense of hiring outside consultants.

🎯 Requirements

• 5+ years leading offensive security, red team, or attack engineering teams with experience managing teams of 6–10+ engineers and scaling organizations.
• Strong expertise in one or more: AWS, Azure, OCI, or GCP attack surfaces; Kubernetes/container security; identity and access abuse (IAM, RBAC, federation, privilege escalation), including deep understanding of cloud misconfigurations, data access and control-plane compromise, and multi-account/multi-tenant attack scenarios.
• Strong background in software engineering (Python preferred), with experience in APIs, cloud automation, infrastructure tooling, CI/CD, and infrastructure-as-code (Terraform, CloudFormation, etc.), plus comfort working with Git, MR workflows, and product development cycles.

🏖️ Benefits

• Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.
• Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.
• Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.
• Remote Work: We are a 100% remote company. Enjoy the convenience and work-life balance that comes with remote work.
• Competitive Compensation: We offer competitive salary, equity and benefits. Our benefits include health, vision & dental insurance for you and your family, a flexible vacation policy, and generous parental leave.

Skills & Technologies

Python

AWS

Azure

GCP

Kubernetes

Remote

$180k-230k

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Horizon3.ai, Inc.

Visit Website

About Horizon3.ai, Inc.

Horizon3.ai provides autonomous security testing and attack surface management software. Its NodeZero platform continuously assesses enterprise networks, clouds, and applications to find exploitable weaknesses, validate fixes, and prioritize risks. The company serves Fortune 500, government, and mid-market organizations seeking proactive defense without manual red teams.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.