Lead Adversarial Security Engineer

Role Overview:

As a lead member of the security operations team, and reporting to the Deputy CISO the mission of this role is to bridge the gap between "what if" and "what is" to continuously test the organization's defenses, find gaps, and personally lead the engineering effort to close them. By collaborating with the Security Operations Center (SOC), Threat Intelligence, and infrastructure teams, this expert will act as a force multiplier, mentoring junior security operations staff and providing the technical leadership to measurably improve the ability to detect and respond to advanced threats.

About the role:

• Plan and execute sophisticated, end-to-end red team engagements against our on-premise and cloud infrastructure.
• Develop and validate new detection logic, transforming the results of your own attacks into high-fidelity alerts.
• Lead continuous purple team exercises, acting as the primary bridge between the SOC, Threat Intelligence, and Detection Engineering teams.
• Leverage Attack Surface Management (ASM) data to find "Shadow IT" and prioritize your offensive operations based on the most likely and impactful attack vectors.
• Act as a senior technical leader, mentoring SOC analysts and junior engineers on advanced attack chains, detection theory, and defensive best practices.
• Communicate complex findings and remediation strategies to a wide range of stakeholders, from highly technical engineers to executive leadership.

About you:

• You have a blended career path of 7+ years, demonstrating experience in both offensive security (like Red Teaming) and defensive operations (like Detection Engineering or Threat Hunting).
• You possess exceptional communication skills, with an ability to create reports and presentations for both highly technical and executive audiences.
• You are a U.S. citizen.
• Your technical expertise is built on a deep, practical understanding of frameworks like MITRE ATT&CK and the Diamond Model.
• You have proficiency in modern offensive tools and C2 frameworks (e.g., Cobalt Strike, Metasploit) and/or experience developing custom attack methods to evade EDR and network controls.
• You are proficient in writing, tuning, and validating detection logic in SIEM and EDR platforms.
• Your knowledge of automation is clear from your proficiency in any scripting languages such as Python or PowerShell.
• You have practical experience assessing and defending modern cloud environments.
• You may hold advanced offensive (e.g., OSCP, OSEP, GXPN) or defensive (e.g., GCIH, GDAT) certifications.
• You may contribute to the community through public-facing research, conference talks, or open-source tools.

Company Benefits and Perks:

We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Retirement Plans

• Medical, Dental and Vision Coverage

• Paid Time Off

• Paid Parental Leave

• Support for Community Involvement

We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.