Lead, Offensive Security

HumanaLouisville, KY
Remote

About The Position

We're standing up a new AI & Offensive Tooling capability inside our Offensive Security organization, and we're looking for its founding engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform that powers our penetration testing and red team operations, and build the AI-driven tooling that makes every offensive service line faster, broader, and more autonomous. This is a hands-on building role with the scope of a technical lead: you set the technical direction for offensive AI at the company, and you ship the software that proves it. It's a rare chance to build autonomous offensive security capabilities from the ground up, responsibly, inside a program that helps protect the health data of millions of people. Join a 100% remote, highly specialized offensive security team where you will have access to Hack The Box Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets. These resources will enable you to continuously advance your expertise while working on industry-leading Offensive Security challenges at scale. You will be part of the Offensive Security organization, collaborating with Red Team, Penetration Testing, and Breach and Attack Simulation (BAS) professionals, highly specialized experts who identify vulnerabilities so the business can address them proactively. Fridays are dedicated to research and development, allowing the team to pursue training in emerging offensive security methodologies, tools, agents, large language models (LLMs), artificial intelligence, and other bleeding edge topics.

Requirements

  • Selected candidate is required to reside 60 mins from one of the following locations: (Louisville KY, NYC Metro, Dallas Metro, Charlotte NC Metro, South Florida(Tampa/Miami/Ft Lauderdale) , Washington DC metro, Chicago, Boston, Atlanta, Nashville)
  • 6+ years in roles such as Red Team or Penetration Testing, including team- or program-level leadership, and the instinct to think like an attacker against systems that don't behave deterministically.
  • Strong track record of building and operating production-quality software and tooling, not only scripts.
  • Hands-on designing, building, or operating AI agents or LLM applications: agentic workflows, tool/function-calling, and orchestration.
  • Hands-on testing of AI/ML systems: prompt injection, jailbreaking, and adversarial techniques.
  • Production experience with at least one major Cloud Service Provider (AWS, GCP, or Azure).
  • Ability to provide a high speed DSL or cable modem for a home office.
  • A minimum standard speed for optimal performance of 25x10 (25mbps download x 10mbps upload) is required.
  • Satellite and Wireless Internet service is NOT allowed for this role.
  • A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information.
  • Minimum download speed of 25 Mbps and an upload speed of 10 Mbps is required; wireless, wired cable or DSL connection is suggested.
  • Work from a dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information.

Nice To Haves

  • Built autonomous or semi-autonomous offensive agents, LLM-driven penetration-testing agents, or reinforcement-learning exploit and attack-path planners.
  • Hands-on with AI red-teaming frameworks such as PyRIT or Garak , and fluent in MITRE ATLAS , the OWASP Top 10 for LLM Applications , and the NIST AI Risk Management Framework .
  • Model Context Protocol (MCP) : building clients/servers, or testing them and RAG pipelines for tool/prompt-injection abuse.
  • Demonstrated ability to test endpoints protected by modern EDR/XDR; experience across multiple cloud providers; threat-intelligence-driven operations.
  • Depth in an advanced offensive specialty : malware development, advanced Red Team operations and threat simulation, or adversarial ML research; experience building and breaking LLMs, ML models, and AI infrastructure.
  • Published research, open-source contributions, or talks at DEF CON, BSides, x33fcon, or Black Hat; expert-level certifications (e.g. OSEE, OSED, OSCE3, CRTL, CWEE, CAPE).

Responsibilities

  • Build autonomous and semi-autonomous agents that perform real offensive operations against networks, web applications, and infrastructure.
  • Develop LLM-driven planning loops that reason through reconnaissance, exploitation, privilege escalation, and lateral movement.
  • Implement multi-agent orchestration for breadth.
  • Create tool/function-calling that drives real offensive tooling.
  • Red-team the enterprise's own AI—LLM-powered products, agents, RAG pipelines, and ML applications, against prompt injection, jailbreaks, model extraction and inversion, membership inference, data and supply-chain poisoning, evasion, and agent tool/sandbox abuse.
  • Validate that guardrails and classifiers actually hold.
  • Operate this as a production, event-driven cloud platform at real scale, dozens of serverless functions, change-stream data pipelines, hundreds of operational alarms, and integrated LLM inference.
  • Own the platform's architecture, roadmap, and day-to-day operation.
  • Advise Offensive Security leadership on strategy.
  • Embed with each service line rather than build in isolation.
  • Ship production-grade software with engineering rigor (reproducibility, evaluation, safety guardrails, human-in-the-loop where offensive operations demand it).
  • Deliver findings and tooling with reproduction steps, severity, business impact, and remediation.
  • Track risk in the enterprise risk platform.
  • Operate within the organization's acceptable-use-of-AI policies and offensive security rules of engagement.

Benefits

  • Access to Hack The Box Pro Labs
  • All HTB role-based training paths and certifications
  • Discretionary certification funding
  • Conference/training budgets
  • Medical benefits
  • Dental benefits
  • Vision benefits
  • 401(k) retirement savings plan
  • Time off (including paid time off, company and personal holidays, paid parental and caregiver leave)
  • Short-term disability
  • Long-term disability
  • Life insurance
  • Bonus incentive plan
  • Payment for internet expense (for associates or contractors who live and work from home in the state of California)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service