Senior Offensive Security Engineer
WFA Digital Insight
The demand for skilled security professionals has grown exponentially, with cybercrime on the rise. As a result, companies like Huntress are looking for experts who can stay one step ahead of potential threats. With the global cybersecurity market projected to reach $300 billion by 2027, the need for talented individuals with a deep understanding of adversarial tradecraft and cloud computing platforms has never been more pressing. Huntress, a remote-first company, is at the forefront of this effort, offering a unique opportunity for senior offensive security engineers to make a meaningful impact. Before applying, candidates should be aware that this role requires a documentation-first mindset, expertise in scripting languages, and experience working in a macOS environment.
Job Description
## About the Role As a senior offensive security engineer at Huntress, you will be part of a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. Your primary focus will be on assessing Huntress' ability to withstand attacks from highly motivated adversaries. This will involve conducting red team engagements, penetration tests, and social engineering campaigns to identify vulnerabilities and strengthen the company's defenses. You will be working closely with the internal security and product teams to explore and address security concerns in a collaborative fashion. Huntress has a strong emphasis on security, and as a senior offensive security engineer, you will be surrounded by experienced professionals who share your passion for cybersecurity. The company's commitment to remote work and flexible scheduling allows for a better work-life balance, making it an attractive option for those looking for a challenging and rewarding career. The role of a senior offensive security engineer is crucial in today's digital landscape, where cyber threats are becoming increasingly sophisticated. By joining Huntress, you will be part of a team that is dedicated to making a meaningful impact in the cybersecurity industry.
## What You Will Do - Plan, design, and execute red team engagements to simulate advanced adversarial tactics and techniques - Perform in-depth penetration tests on web applications, endpoint agents, internal systems, and people - Utilize a mix of traditional scripting and generative AI platforms to rapidly prototype tools, replicate sophisticated cyber threats, and automate repetitive workflows during live engagements - Conduct social engineering campaigns to evaluate human vulnerabilities - Collaborate closely with the Security Operations Center and CSIRT teams to enhance detection and response capabilities - Stay informed on emerging threats and update red teaming methodologies - Partner with Product Security to prioritize testing efforts for new releases - Analyze and exploit vulnerabilities through detailed operational logging, leveraging strong documentation and communication skills to translate complex technical findings into actionable remediation guidance - Develop and deliver detailed technical and executive-level reports post-engagement - Integrate red team tools, techniques, and processes into a broader security strategy - Lead or participate in after-action reviews to identify lessons learned - Assist in designing and implementing security controls based on red team findings
## What We Are Looking For - 3+ years of experience as an offensive security professional - A documentation-first mindset - Deep knowledge of adversarial tradecraft - Expert knowledge of cloud computing platforms (AWS, Azure) - Skills in scripting languages - Experience communicating findings that inform defenses - A pragmatic approach to problem-solving - Experience working in a primarily macOS environment is a significant asset - Strong understanding of cybersecurity principles and best practices - Ability to work independently and as part of a team
## Nice to Have - Experience with generative AI platforms - Knowledge of security frameworks and compliance regulations - Certification in cybersecurity (e.g., OSCP, CEH) - Experience with security information and event management (SIEM) systems - Familiarity with cloud security platforms (e.g., AWS Security Hub, Azure Security Center)
## Benefits and Perks - 100% remote work environment - Generous paid time off - Opportunities for professional growth and development - Access to cutting-edge cybersecurity tools and technologies - Collaborative and dynamic work environment - Flexible scheduling and work-life balance - Comprehensive health insurance - Retirement savings plan - Employee assistance program
How to Stand Out
- To stand out as a candidate, focus on showcasing your expertise in adversarial tradecraft, cloud computing platforms, and scripting languages.
- Make sure to highlight your experience with red team engagements, penetration tests, and social engineering campaigns.
- A strong understanding of cybersecurity principles and best practices is essential for this role.
- Be prepared to discuss your approach to problem-solving and how you stay up-to-date with emerging threats.
- When negotiating salary, consider the company's remote work environment and flexible scheduling as part of the overall compensation package.
- Be wary of companies that do not prioritize cybersecurity or have a lack of transparency in their security practices.
- When building your portfolio, focus on showcasing your technical skills and experience in cybersecurity, rather than just listing certifications or education.
This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.