Senior Engineer, Offensive Security

The Senior Engineer, Offensive Security, executes high-fidelity threat actor and control validation campaigns within our BAS program. This role influences functional area strategy through technical expertise, operates with considerable autonomy on moderately complex assignments, and makes recommendations to leadership based on advanced knowledge and experience. The position focuses on Breach and Attack Simulation operations, campaign delivery, and detailed analysis, while also contributing to the overall direction of the program. Join a 100% remote, highly specialized offensive security team where you will have access to Hack TheBox Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets. These resources will enable you to continuously advance your expertise while working on industry-leading BAS challenges at scale. You will be part of Cyber Threat Simulation (CTS), collaborating with Red Team, Penetration Testing, and Bug Bounty professionals—highly specialized experts who identify vulnerabilities so the business can address them proactively. Fridays are dedicated to research and development, allowing the team to pursue training in emerging offensive security technologies, tools, large language models (LLMs), artificial intelligence, and other relevant topics. Run high-fidelity threat-actor and control-validation campaigns, maintain agent health, convert raw BAS platform test results into actionable findings, and track them in the enterprise risk management platform. You will leverage your offensive security expertise to determine the most effective approach for executing simulations, design appropriate test cases for specific security countermeasures, and manage multiple projects simultaneously. Your week includes reviewing the latest products from the Threat Intelligence team on a specific threat actor, chaining custom Tactics, Techniques, and Procedures (TTPs) for a Threat Simulation, and developing complementary custom test cases using the platform’s Python API. Every campaign you launch identifies real-world weaknesses before attackers can exploit them, providing Engineering and Threat Management and Response teams with valuable data to strengthen security countermeasures, review architectural and strategic security decisions, and enhance our overall security posture. You’ll excel in this role if you are proficient in Python, enjoy transforming cyber threat intelligence into high-fidelity TTPs, thrive at mapping attacker behavior to potential detection telemetry, and prefer presenting evidence-based dashboards over debating hypotheticals. Campaign Delivery: Build and execute threat-actor and control-validation campaigns using the BAS platform's pre-built threat simulation libraries, supplemented by custom test cases developed through the Python API to address specific TTPs not covered by the vendor. Ensure campaigns meet service level agreements, such as a two-week turnaround for prebuilt threat simulations, while operating with limited guidance on moderately complex campaign development. Tool Operation & Tuning: Maintain agents, payload sets, and scheduling with considerable autonomy. Automate bi-weekly security baseline runs and create synthetic unit tests when there are changes in countermeasure configurations or architecture. Apply advanced technical knowledge to resolve complex issues. Data & Reporting: Draft actionable findings for SOC/IR and organize risk items within the Findings-Analysis workstream for documentation. Use independent judgment to analyze and evaluate variable factors such as network architecture, agent configuration, and detection capabilities. Strategic Collaboration: Collaborate with the CTI team on priority TTPs, verify annual coverage, and share new test cases with the broader team. Make recommendations regarding testing approaches based on offensive security expertise and experience. Continuous Improvement: Propose enhancements to security countermeasures, address detection or alerting gaps, and suggest new service-line use cases to the Lead for roadmap consideration. Your technical insights and proactive recommendations will have a significant influence on the BAS strategy. Use your skills to make an impact