Senior Offensive Security Engineer

Become a part of our caring community and help us put health first
 The Senior Engineer, Offensive Security, executes high-fidelity threat actor and control validation campaigns within our BAS program. This role influences functional area strategy through technical expertise, operates with considerable autonomy on moderately complex assignments, and makes recommendations to leadership based on advanced knowledge and experience. The position focuses on Breach and Attack Simulation operations, campaign delivery, and detailed analysis, while also contributing to the overall direction of the program.

The Bigger Picture

Join a 100% remote, highly specialized offensive security team where you will have access to Hack The Box Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets. These resources will enable you to continuously advance your expertise while working on industry-leading BAS challenges at scale. You will be part of Cyber Threat Simulation (CTS), collaborating with Red Team, Penetration Testing, and Bug Bounty professionals—highly specialized experts who identify vulnerabilities so the business can address them proactively. Fridays are dedicated to research and development, allowing the team to pursue training in emerging offensive security technologies, tools, large language models (LLMs), artificial intelligence, and other relevant topics.

Mission & Impact

• Run high-fidelity threat-actor and control-validation campaigns, maintain agent health, convert raw BAS platform test results into actionable findings, and track them in the enterprise risk management platform. You will leverage your offensive security expertise to determine the most effective approach for executing simulations, design appropriate test cases for specific security countermeasures, and manage multiple projects simultaneously.
• Your week includes reviewing the latest products from the Threat Intelligence team on a specific threat actor, chaining custom Tactics, Techniques, and Procedures (TTPs) for a Threat Simulation, and developing complementary custom test cases using the platform’s Python API. Additional responsibilities involve initiating a bi-weekly Security Baseline, collaborating with SIEM Engineering to tune detection logic after analyzing recent baseline results, writing concise findings for documentation in the enterprise risk management system, and conducting in-depth analysis of IOC Validation gaps.
• Why it matters: Every campaign you launch identifies real-world weaknesses before attackers can exploit them, providing Engineering and Threat Management and Response teams with valuable data to strengthen security countermeasures, review architectural and strategic security decisions, and enhance our overall security posture.
• You’ll excel in this role if you are proficient in Python, enjoy transforming cyber threat intelligence into high-fidelity TTPs, thrive at mapping attacker behavior to potential detection telemetry, and prefer presenting evidence-based dashboards over debating hypotheticals.

Key Responsibilities

• Campaign Delivery: Build and execute threat-actor and control-validation campaigns using the BAS platform's pre-built threat simulation libraries, supplemented by custom test cases developed through the Python API to address specific TTPs not covered by the vendor. Ensure campaigns meet service level agreements, such as a two-week turnaround for pre-built threat simulations, while operating with limited guidance on moderately complex campaign development.
• Tool Operation & Tuning: Maintain agents, payload sets, and scheduling with considerable autonomy. Automate bi-weekly security baseline runs and create synthetic unit tests when there are changes in countermeasure configurations or architecture. Apply advanced technical knowledge to resolve complex issues.
• Data & Reporting: Draft actionable findings for SOC/IR and organize risk items within the Findings-Analysis workstream for documentation. Use independent judgment to analyze and evaluate variable factors such as network architecture, agent configuration, and detection capabilities.
• Strategic Collaboration: Collaborate with the CTI team on priority TTPs, verify annual coverage, and share new test cases with the broader team. Make recommendations regarding testing approaches based on offensive security expertise and experience.
• Continuous Improvement: Propose enhancements to security countermeasures, address detection or alerting gaps, and suggest new service-line use cases to the Lead for roadmap consideration. Your technical insights and proactive recommendations will have a significant influence on the BAS strategy.

Use your skills to make an impact
 

Minimum Qualifications

• Minimum 3 years of experience in offensive security roles such as Red Team, Penetration Testing, or Bug Bounty programs
• Intermediate to advanced proficiency in Python programming, or equivalent experience with interpreted languages such as PowerShell, Bash, or Ruby
• Independent technical problem-solving and analysis
• Experience with major Cloud Service Providers, including AWS, GCP, and Azure
• Demonstrated ability to work autonomously on complex technical assignments
• Experience utilizing Threat Intelligence to guide offensive security operations
• Experience testing endpoints protected by solutions such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne
• Interest in building and testing large language models (LLMs), machine learning models, AI infrastructure, MCP, prompt engineering, and applying these technologies to offensive security operations

Preferred Qualifications

• Minimum 5 years of experience in any of the following areas:
  • Malware development
  • Advanced Red Team operations and threat simulation
  • Threat hunting or digital forensics in enterprise environments
  • Analyzing and gathering intelligence on threat actors and their TTPs
• Published speaking engagements at industry conferences such as DEF CON, BSIDES, x33fcon, Black Hat, etc.
• Relevant industry certifications, including but not limited to: OSCP, OSWE, OSED, OSCE3, CRTP, CRTE, CRTO, CRTL, CPTS, CBBH, CWEE, CAPE, MalDev Academy, OpenSecurityTraining2
• Experience with building and breaking LLMs, machine learning models, AI infrastructure, MCP, prompt engineering, and applying these technologies to offensive security operations

Remote/WAH requirements:

• WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
• A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.  
• Satellite and Wireless Internet service is NOT allowed for this role.
• A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information

Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.

Scheduled Weekly Hours

40

Pay Range

The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.

 

$117,600 - $161,700 per year

 

This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.

Description of Benefits

Humana, Inc. and its affiliated subsidiaries (collectively, “Humana”) offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.

Application Deadline: 07-15-2025
About us
 Humana Inc. (NYSE: HUM) is committed to putting health first – for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health – delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large.

​
Equal Opportunity Employer

It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.