Breach & Attack Simulation Lead Engineer (remote virtual)

Description

We are seeking a highly skilled and experienced individual to join our team as a Breach and Attack Simulation (BAS) Engineer. In this role, you will be responsible for conducting simulated attacks through the organization's Breach and Attack Simulation platform to identify vulnerabilities and assess the effectiveness of our security measures.

Responsibilities

Breach & Attack Simulation Lead Engineer

Job Profile Summary

We are seeking a highly skilled and experienced individual to join our team as a Breach and Attack Simulation (BAS) Engineer. In this role, you will be responsible for conducting simulated attacks through the organization's Breach and Attack Simulation platform to identify vulnerabilities and assess the effectiveness of our security measures.

To succeed in this role, you must have strong threat/attacker-oriented mindset with working knowledge and experience with red team operations, MITRE ATT&CK framework, threat intelligence, incident response, and engineering experience. You should also be well-versed in detection and prevention techniques, as well as able to analyze complex data and recommend solutions to improve security posture.

In this role, you will work closely with multiple security teams to identify and prioritize areas for improvement and develop effective strategies to prevent and mitigate potential cyber threats. You will also be responsible for staying up-to-date on the latest developments in the field, including new attack techniques and emerging technologies.

Overall, the ideal candidate for this role is a highly motivated, detail-oriented individual with a passion for cybersecurity and a track record of success in similar roles. If you are ready to take on this challenging and rewarding role, we encourage you to apply.

Qualifications

• Excellent working knowledge of MITRE ATT&CK, threat intelligence, incident response, and offensive security to develop offensive campaigns that leverage that information to identify gaps, test remediation work, and/or ensure control baselines are maintained
• Experience with common offensive security tools and techniques that attackers leverage in their campaigns
• Proficient in the following scripting languages: Python, Bash, and PowerShell
• Excellent written and verbal communication skills
• Proven ability to work independently and as part of a team
• Experience coordinating and prioritizing objectives from multiple teams working with the same project
• Demonstrated problem-solving and critical thinking skills
• Ability to manage multiple projects and prioritize tasks effectively
• Strong understanding of network protocols, architectures, and security solutions
• Ability to document findings and develop clear technical reports
• Preferred bachelor's degree in Computer Science, Information Technology, or a related field
• 5+ years of experience in security engineering, offensive security, blue team, or a related field

Required Qualifications

• a Bachelor's degree
• 8 or more years of experience in Threat and Vulnerability Management
• 2 or more years of project leadership experience
• Highly experienced with the installation and configuration of firewalls, intrusion detection systems, anti-virus software, and vulnerability scanning systems.
• Must be passionate about contributing to an organization focused on continuously improving consumer experiences

Preferred Qualifications

• Master's Degree in a Technical Field
• Security Certification

Additional Information

Humana and its subsidiaries require vaccinated associates who work outside of their home to submit proof of vaccination, including COVID-19 boosters. Associates who remain unvaccinated must either undergo weekly negative COVID testing OR wear a mask at all times while in a Humana facility or while working in the field.

Remote/WAH requirements:

• WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
• A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
• Satellite and Wireless Internet service is NOT allowed for this role.
• A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information

Scheduled Weekly Hours

40