Senior Engineer, Offensive Security

📋 Description

• • As a Senior Engineer, Offensive Security at Humana Inc., you will be a pivotal member of a specialized, 100% remote offensive security team focused on executing high-fidelity threat actor and control validation campaigns within our Breach and Attack Simulation (BAS) program.
• • This role demands a blend of technical expertise, strategic thinking, and autonomous operation, significantly influencing functional area strategy and making informed recommendations to leadership.
• • You will operate with considerable autonomy on moderately complex assignments, leveraging advanced knowledge and experience to drive the direction of the BAS program.
• • Your primary focus will be on the execution of Breach and Attack Simulation operations, ensuring the successful delivery of campaigns, and conducting detailed analysis of results.
• • You will be part of the Cyber Threat Simulation (CTS) group, collaborating closely with Red Team, Penetration Testing, and Bug Bounty professionals – highly specialized experts dedicated to proactively identifying vulnerabilities.
• • The team is committed to continuous learning and development, providing access to Hack TheBox Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets.
• • These resources are designed to enable you to continuously advance your expertise while tackling industry-leading BAS challenges at scale.
• • Fridays are dedicated to research and development, offering opportunities to pursue training in emerging offensive security technologies, tools, large language models (LLMs), artificial intelligence, and other relevant cutting-edge topics.
• • Your core mission involves running high-fidelity threat-actor and control-validation campaigns, meticulously maintaining agent health, and transforming raw BAS platform test results into actionable findings.
• • These findings will be tracked within the enterprise risk management platform, providing critical insights for security enhancement.
• • You will leverage your deep offensive security expertise to determine the most effective simulation approaches, design appropriate test cases for specific security countermeasures, and adeptly manage multiple projects simultaneously.
• • A typical week will involve reviewing the latest intelligence from the Threat Intelligence team on specific threat actors, chaining custom Tactics, Techniques, and Procedures (TTPs) for Threat Simulations, and developing complementary custom test cases using the platform’s Python API.
• • Additional responsibilities include initiating bi-weekly Security Baselines, collaborating with SIEM Engineering to tune detection logic based on recent baseline results, and writing concise, impactful findings for documentation in the enterprise risk management system.
• • You will also conduct in-depth analysis of Indicator of Compromise (IOC) Validation gaps, ensuring comprehensive coverage and effectiveness of security measures.
• • Every campaign you launch directly contributes to identifying real-world weaknesses before malicious actors can exploit them, providing Engineering and Threat Management and Response teams with invaluable data.
• • This data empowers these teams to strengthen security countermeasures, review architectural and strategic security decisions, and significantly enhance Humana's overall security posture.
• • You will excel in this role if you possess strong Python proficiency, enjoy transforming cyber threat intelligence into high-fidelity TTPs, thrive at mapping attacker behavior to potential detection telemetry, and prefer presenting evidence-based dashboards over engaging in hypothetical debates.
• • Campaign Delivery: You will build and execute threat-actor and control-validation campaigns using the BAS platform's pre-built threat simulation libraries, augmented by custom test cases developed via the Python API to address specific TTPs not covered by vendors.
• • You will ensure campaigns meet established service level agreements, such as a two-week turnaround for prebuilt threat simulations, while operating with limited guidance on moderately complex campaign development.
• • Tool Operation & Tuning: You will maintain agents, payload sets, and scheduling with considerable autonomy, automating bi-weekly security baseline runs and creating synthetic unit tests in response to changes in countermeasure configurations or architecture.
• • You will apply advanced technical knowledge to resolve complex issues encountered during operations.
• • Data & Reporting: You will draft actionable findings for SOC/IR teams and organize risk items within the Findings-Analysis workstream for documentation, using independent judgment to analyze and evaluate variable factors like network architecture, agent configuration, and detection capabilities.
• • Strategic Collaboration: You will collaborate with the CTI team on priority TTPs, verify annual coverage, and share newly developed test cases with the broader team, making recommendations on testing approaches based on your offensive security expertise and experience.
• • Continuous Improvement: You will propose enhancements to security countermeasures, address detection or alerting gaps, and suggest new service-line use cases to the Lead for roadmap consideration, influencing the BAS strategy with your technical insights and proactive recommendations.