Sr. Staff Offensive Security Operator- Eng

About The Position

Requirements

• 8+ years of experience in offensive security, red teaming, or penetration testing in enterprise environments
• 5+ years conducting red team engagements against cloud environments including multi-tenant architectures
• Deep expertise in at least 3: network exploitation, web application security, Active Directory attacks, cloud infrastructure attacks, social engineering, physical security
• Strong proficiency in AI, Python, Go, or C/C++ for offensive tool development and automation
• Demonstrated experience building automated security testing tools, frameworks, or pipelines
• Experience with Kubernetes, container security, and cloud-native attack techniques
• Experience with C2 frameworks and adversary simulation platforms
• Knowledge of MITRE ATT&CK framework and adversary emulation methodology
• Experience with AI/ML security — attacking AI systems, prompt injection, model poisoning, or building AI-powered offensive tools
• Experience developing autonomous security testing agents using LLMs
• Excellent written and verbal communication skills — ability to translate technical findings into business risk for executive audiences
• Bachelor's degree in Computer Science, Cybersecurity, or equivalent experience

Nice To Haves

• Published CVEs, security research papers, or conference presentations (DEF CON, Black Hat, etc.)
• Experience in SaaS/multi-tenant environments processing sensitive data (HCM, payroll, healthcare, financial)
• OSCP, OSCE, OSEP, CRTO, GXPN, or equivalent offensive security certifications
• Familiarity with .NET, Java/Kotlin, and legacy application security assessment
• Experience building infrastructure-as-code (Terraform, Pulumi) for red team operations
• Prior experience in a Sr. Staff / Principal level role with cross-team technical leadership

Responsibilities

• Plan and execute full-scope red team engagements (network, application, cloud, social engineering) against UKG's production and corporate environments
• Conduct assume-breach exercises targeting multi-tenant infrastructure to validate cross-tenant isolation and breakout resistance
• Perform adversary emulation aligned with MITRE ATT&CK framework, simulating nation-state and criminal threat actor TTPs relevant to the HCM/payroll industry
• Execute purple team exercises with the SOC to validate detection coverage and response capabilities
• Conduct M&A security assessments for newly acquired companies and integrations
• Deliver executive-level readouts and technical reports that translate offensive findings into business risk language
• Design, build, and maintain autonomous security testing frameworks that leverage AI/ML for vulnerability discovery, exploit chain generation, and attack path analysis
• Develop AI-assisted reconnaissance and target enumeration tools using LLMs (Claude) and custom agents for scalable attack surface analysis
• Build and operate continuous automated red teaming pipelines that test UKG's defenses without manual intervention
• Create AI-powered C2 frameworks, payload generators, and evasion tools that adapt to defensive controls in real-time
• Integrate offensive tooling with Claude, MCP servers, and enterprise AI infrastructure for AI-assisted security operations
• Develop automation that generates findings, routes tickets, and tracks remediation — reducing the gap between discovery and fix
• Drive the red team's technical strategy and roadmap, identifying high-value targets and emerging attack surfaces (Product, Custom AI, and cloud-native services)
• Mentor and develop junior offensive security operators, building team capability in AI-augmented offensive techniques
• Represent the red team in cross-functional security initiatives, architecture reviews, and incident response when offensive expertise is needed
• Maintain awareness of emerging threats, zero-day vulnerabilities, and adversary tradecraft relevant to UKG's technology stack
• Publish internal research on novel attack techniques, AI-assisted exploitation, and cloud security assessment methodology
• Contribute to the team's Claude Code skills store and shared automation repositories
• Develop and maintain red team infrastructure (honeypots, C2, phishing platforms) using infrastructure-as-code
• Stay current on offensive security conferences, findings, etc - and incorporate new techniques into operations

Benefits

• UKG offers a comprehensive total rewards package including competitive base salary, annual bonus, equity, full medical/dental/vision, 401(k) match, unlimited PTO, and professional development budget.