About The Position

The Lead Offensive Security Engineer leads the design, execution, and continuous improvement of Hoag's offensive security program.

Responsibilities

  • Leads the design, execution, and continuous improvement of Hoag's offensive security program.
  • Proactively identifies, validates, and assesses vulnerabilities by simulating advanced adversary tactics, techniques, and procedures (TTPs).
  • Provides expert guidance and mentorship, ensuring the organization's security posture is rigorously tested against real-world threats and fully aligned with healthcare regulatory requirements.
  • Leads and conducts advanced, objective-based penetration tests and red team engagements against corporate networks, cloud environments (AWS/Azure), web applications, and mobile applications.
  • Designs and executes security assessments of critical healthcare infrastructure, including the Internet of Medical Things (IoMT), operational technology (OT), and other clinical systems, to identify vulnerabilities affecting patient care and data integrity.
  • Performs targeted social engineering (phishing, vishing, physical) simulations to test and improve human- and process-level security controls.
  • Develops and maintains a modern offensive security toolset; automates engagement tasks and TTP simulation using scripting (Python, PowerShell, etc.).
  • Partners with defensive (Blue Team) and engineering teams to conduct 'Purple Team' exercises, testing and enhancing the effectiveness of defensive controls (SIEM, EDR, CASB).
  • Develops detailed, high-quality reports with actionable remediation recommendations and presents findings to both technical and executive leadership.
  • Mentors junior engineers and provides offensive security subject matter expertise across the organization.
  • Continuously researches emerging adversary TTPs, new vulnerabilities, and exploitation techniques, integrating this intelligence into the testing methodology.
  • Provides technical validation for compliance and risk management (HIPAA, NIST, CIS), demonstrating the real-world impact of identified risks.
  • Assists with advanced incident response and forensic investigations by providing an attacker's perspective and root cause analysis.

What This Job Offers

  • Job Type: Full-time
  • Career Level: Mid Level
  • Education Level: No Education Listed
  • Number of Employees: 5,001-10,000 employees
