Lead Offensive Security Engineer (Remote)

Others - USA

Monthly Salary: Not Disclosed

Posted on: 6 hours ago

Vacancies: 1 Vacancy

Job Summary

Experians Offensive Security team is charged with improving the organizations security posture through clarifying risk and verifying the efficacy of our technical people physical and process controls from an attacker order to accomplish this the team performs regular Adversary Simulation (Red Team) testing leads and contributes to Purple Team Exercises and performs ad-hoc and tactical Assessments based on changes to the threat landscape and organizational needs.

As a Lead Engineer within the Offensive Security team you will participate in and lead the design and execution of both campaign-based adversary simulation assessments and tactical assessments while contributing to collaborative purple team exercises.

You will report to the Head of Offensive Security.

Youll have the opportunity to:

Collaborate with other teams within the Cyber Fusion Center and the wider organization to ensure threat-informed Cyber Risks are understood and articulated with a goal of contributing to the successful defense of the organization.
Support Offensive Securitys engagement at multiple organizational levels from senior leaders to technical analysts to help guide risk understanding and verify the efficacy of remediation/mitigative actions.
Participate in performing physical exploitation network exploitation and social engineering assessments against authorized targets.
Leverage Cyber Threat Intelligence Offensive Security Research previous Adversary Simulation (Red Team) findings and internal risk intelligence to develop test cases demonstrating TTP effectiveness against Experians control environment.
Help establish and lead Social Engineering and Human Risk Assurance functions.
Work with the team to provide remediation recommendations across the organization to aid with remediation/mitigation of identified Cyber Risks.
Develop scripts tools and methodologies to increase Offensive Securitys capabilities and educate other team members.
Use AI tools to help with Offensive Security activities while complying with Experians Acceptable Use of AI policies and Offensive Security Rules of Engagement.
Use MITRE ATT&CK Framework and other structured attack analysis tools to describe and classify attacker methodology and significance.

Qualifications :

Your background:

8 years of cybersecurity experience 3 years of experience in offensive security and adversary simulation.
Understanding of Human Risk and experience performing social engineering assessments which can move the needle on Human Risk.
Detailed knowledge of global cyber threats threat actors and the tactics techniques and procedures used by cyber adversaries specifically those targeting the financial services and healthcare sectors.
3 years of experience in two or more of the following areas:
- Network penetration testing and manipulation of network infrastructure
- Web application penetration testing assessments
- Email phone or physical social-engineering assessments
- Developing extending or modifying exploits shell code or exploit
- Covert physical intrusion
- Cloud security or penetration testing (any major provider)
Proficient in attacker tooling including post-exploitation frameworks and tooling.
Proficient in one or more of the following programming/scripting languages (C C C# Go Python PowerShell Bash or Ruby).
Knowledge of current cloud attack methodologies and mitigations.
Knowledge of Windows Operating System architecture and internals and use thereof in an enterprise environment.
Social Engineering knowledge such as OSINT spear phishing vishing and other initial access methods.
Knowledge of core Information Technology concepts such as TCP/IP networking Windows & Active Directory Unix/Linux Mainframe Cloud Service Providers Relational Databases Data Warehouses and filesystems.
Knowledge of IT technologies and methods to secure them specifically for databases SharePoint storage area networks cloud-based storage and data warehouses.
Knowledge of GenAI platforms and how they can be combined with agentic workflows.
Industry certifications such as OSCP OSCE OSWE GPEN GCIH GWAPT GXPN or equivalent experience.

Additional Information :

Benefits/Perks:

Great compensation package and bonus plan.
Core benefits including medical dental vision and matching 401K.
Flexible work environment ability to work remote hybrid or in-office.
Flexible time off including volunteer time off vacation sick and 12-paid holidays.
Explore all our exciting benefits here: Experian our people and culture set us apart. Were committed to creating an environment where everyone feels they belong and can excel. From inclusion and authenticity to work/life balance development wellness collaboration and recognition we focus on what matters. Our people-first approach has earned us global recognition: Worlds Best Workplaces 2024 (Fortune Top 25) Great Place To Work 2025 in 26 countries and Glassdoor Best Places to Work 2024 among others.
Want to see what life at Experian is really like Explore Experian Life on social or visit our careers site.
Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range individual pay is determined by work location and additional factors such as job-related skills experience and education. You will be also eligible for a variable pay opportunity.
Experian is proud to be an Equal Opportunity Employer for all groups protected under applicable federal state and local law including protected veterans and individuals with disabilities. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.

#LI-Remote
This is a remote position.

Remote Work :
Yes

Employment Type :
Full-time

You will report to the Head of Offensive Security.

Youll have the opportunity to:

Collaborate with other teams within the Cyber Fusion Center and the wider organization to ensure threat-informed Cyber Risks are understood and articulated with a goal of contributing to the successful defense of the organization.
Support Offensive Securitys engagement at multiple organizational levels from senior leaders to technical analysts to help guide risk understanding and verify the efficacy of remediation/mitigative actions.
Participate in performing physical exploitation network exploitation and social engineering assessments against authorized targets.
Leverage Cyber Threat Intelligence Offensive Security Research previous Adversary Simulation (Red Team) findings and internal risk intelligence to develop test cases demonstrating TTP effectiveness against Experians control environment.
Help establish and lead Social Engineering and Human Risk Assurance functions.
Work with the team to provide remediation recommendations across the organization to aid with remediation/mitigation of identified Cyber Risks.
Develop scripts tools and methodologies to increase Offensive Securitys capabilities and educate other team members.
Use AI tools to help with Offensive Security activities while complying with Experians Acceptable Use of AI policies and Offensive Security Rules of Engagement.
Use MITRE ATT&CK Framework and other structured attack analysis tools to describe and classify attacker methodology and significance.

Qualifications :

Your background:

8 years of cybersecurity experience 3 years of experience in offensive security and adversary simulation.
Understanding of Human Risk and experience performing social engineering assessments which can move the needle on Human Risk.
Detailed knowledge of global cyber threats threat actors and the tactics techniques and procedures used by cyber adversaries specifically those targeting the financial services and healthcare sectors.
3 years of experience in two or more of the following areas:
- Network penetration testing and manipulation of network infrastructure
- Web application penetration testing assessments
- Email phone or physical social-engineering assessments
- Developing extending or modifying exploits shell code or exploit
- Covert physical intrusion
- Cloud security or penetration testing (any major provider)
Proficient in attacker tooling including post-exploitation frameworks and tooling.
Proficient in one or more of the following programming/scripting languages (C C C# Go Python PowerShell Bash or Ruby).
Knowledge of current cloud attack methodologies and mitigations.
Knowledge of Windows Operating System architecture and internals and use thereof in an enterprise environment.
Social Engineering knowledge such as OSINT spear phishing vishing and other initial access methods.
Knowledge of core Information Technology concepts such as TCP/IP networking Windows & Active Directory Unix/Linux Mainframe Cloud Service Providers Relational Databases Data Warehouses and filesystems.
Knowledge of IT technologies and methods to secure them specifically for databases SharePoint storage area networks cloud-based storage and data warehouses.
Knowledge of GenAI platforms and how they can be combined with agentic workflows.
Industry certifications such as OSCP OSCE OSWE GPEN GCIH GWAPT GXPN or equivalent experience.

Additional Information :

Benefits/Perks:

Great compensation package and bonus plan.
Core benefits including medical dental vision and matching 401K.
Flexible work environment ability to work remote hybrid or in-office.
Flexible time off including volunteer time off vacation sick and 12-paid holidays.
Explore all our exciting benefits here: Experian our people and culture set us apart. Were committed to creating an environment where everyone feels they belong and can excel. From inclusion and authenticity to work/life balance development wellness collaboration and recognition we focus on what matters. Our people-first approach has earned us global recognition: Worlds Best Workplaces 2024 (Fortune Top 25) Great Place To Work 2025 in 26 countries and Glassdoor Best Places to Work 2024 among others.
Want to see what life at Experian is really like Explore Experian Life on social or visit our careers site.
Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range individual pay is determined by work location and additional factors such as job-related skills experience and education. You will be also eligible for a variable pay opportunity.
Experian is proud to be an Equal Opportunity Employer for all groups protected under applicable federal state and local law including protected veterans and individuals with disabilities. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.

#LI-Remote
This is a remote position.

Remote Work :
Yes

Employment Type :
Full-time

Key Skills

Splunk
IDS
Network security
Computer Networking
Identity & Access Management
PKI
PCI
NIST Standards
Security System Experience
Information Security
Encryption
Siem

Apply Now

About Company

Experian

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click