Offensive Security Analyst II at JM Family Enterprises is responsible for designing, building, and scaling offensive security capabilities through adversary-focused testing, attack simulation, and ...
Offensive Security Analyst II at JM Family Enterprises is responsible for designing, building, and scaling offensive security capabilities through adversary-focused testing, attack simulation, and ...
Information Security - Offensive Security Analyst
Deerfield Beach, FL · On-site
$100K - $110K/yr
Information Security - Offensive Security Analyst Location: Deerfield Beach, FL (Hybrid 3/2) Duration: Direct Hire Compensation: $100,000 - $110,000 Work Requirements: US Citizen, GC Holders or ...
Information Security - Offensive Security Analyst
Deerfield Beach, FL · On-site
$100K - $110K/yr
Information Security - Offensive Security Analyst Location: Deerfield Beach, FL (Hybrid 3/2) Duration: Direct Hire Compensation: $100,000 - $110,000 Work Requirements: US Citizen, GC Holders or ...
The Adversarial AI Offensive Security Analyst, Senior Specialst is a senior individual contributor role on the Offensive Security & Fraud Testing (OSFT) team. The mission of this role is to harness ...
The Adversarial AI Offensive Security Analyst, Senior Specialst is a senior individual contributor role on the Offensive Security & Fraud Testing (OSFT) team. The mission of this role is to harness ...
The Adversarial AI Offensive Security Analyst, Senior Specialst is a senior individual contributor role on the Offensive Security & Fraud Testing (OSFT) team. The mission of this role is to harness ...
The Adversarial AI Offensive Security Analyst, Senior Specialst is a senior individual contributor role on the Offensive Security & Fraud Testing (OSFT) team. The mission of this role is to harness ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
Sr Analyst, Information Security - (Offensive Security)
Mooresville, NC · On-site
$95K - $180K/yr
As a Senior Analyst of Offensive Security, you will conduct advanced penetration tests and red team assessments across our applications, networks, and systems. You will collaborate with cross ...
Sr Analyst, Information Security - (Offensive Security)
Mooresville, NC · On-site
$95K - $180K/yr
As a Senior Analyst of Offensive Security, you will conduct advanced penetration tests and red team assessments across our applications, networks, and systems. You will collaborate with cross ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber ...
The AI & Offensive Security Analyst is a hands-on practitioner role within Citi's Advanced Pentesting & Research team. This position is responsible for driving offensive security research ...
The AI & Offensive Security Analyst is a hands-on practitioner role within Citi's Advanced Pentesting & Research team. This position is responsible for driving offensive security research ...
The Offensive Security Engineer is responsible for conducting intelligenceled threat emulation and ... Assists in tuning and validating security controls, alerts, analytics, and incident response ...
The Offensive Security Engineer is responsible for conducting intelligenceled threat emulation and ... Assists in tuning and validating security controls, alerts, analytics, and incident response ...
Offensive Solutions Architect
Arlington, VA · On-site
$72.50 - $95.50/hr
You've spent years in offensive cyber operations and intelligence analysis. You're the person key stakeholders seek out before they do hard things. You understand how missions actually run across ...
Offensive Solutions Architect
Arlington, VA · On-site
$72.50 - $95.50/hr
You've spent years in offensive cyber operations and intelligence analysis. You're the person key stakeholders seek out before they do hard things. You understand how missions actually run across ...
Offensive Solutions Architect
Augusta, GA · On-site
$59.25 - $78/hr
You've spent years in offensive cyber operations and intelligence analysis. You're the person key stakeholders seek out before they do hard things. You understand how missions actually run across ...
Offensive Solutions Architect
Augusta, GA · On-site
$59.25 - $78/hr
You've spent years in offensive cyber operations and intelligence analysis. You're the person key stakeholders seek out before they do hard things. You understand how missions actually run across ...
The Offensive Security Engineer is responsible for conducting intelligence-led threat emulation and ... Assists in tuning and validating security controls, alerts, analytics, and incident response ...
The Offensive Security Engineer is responsible for conducting intelligence-led threat emulation and ... Assists in tuning and validating security controls, alerts, analytics, and incident response ...
Football Coach Offensive Line
Tracy, CA · On-site
$1.0K/hr
... Analyze game film to improve player performance and prepare for opponents Promote strength ... of offensive line play and football strategy Ability to teach and motivate student-athletes of ...
Football Coach Offensive Line
Tracy, CA · On-site
$1.0K/hr
... Analyze game film to improve player performance and prepare for opponents Promote strength ... of offensive line play and football strategy Ability to teach and motivate student-athletes of ...
Offensive Analyst information
See salary details
$36.5K - $54K
24% of jobs
$54.5K is the 25th percentile. Wages below this are outliers.
$54K - $71.4K
16% of jobs
The median wage is $80.6K / yr.
$71.4K - $88.9K
18% of jobs
$104.8K is the 75th percentile. Wages above this are outliers.
$88.9K - $106.3K
18% of jobs
$106.3K - $123.8K
11% of jobs
$123.8K - $141.2K
4% of jobs
$141.2K - $158.7K
1% of jobs
$158.7K - $176.1K
1% of jobs
$176.1K - $193.6K
2% of jobs
$193.6K - $211K
2% of jobs
$211K - $228.5K
2% of jobs
$36.5K
$97.7K
$228.5K
How much do offensive analyst jobs pay per year?
What are some common challenges faced by Offensive Analysts when conducting penetration tests within organizations?
What is the difference between Offensive Analyst vs Defensive Analyst?
| Aspect | Offensive Analyst | Defensive Analyst |
|---|---|---|
| Credentials | Typically requires cybersecurity certifications like OSCP, CEH, or GIAC certifications | Similar certifications such as CISSP, GIAC certifications, or CEH are common |
| Work Environment | Engages in proactive testing, penetration testing, and simulating attacks to identify vulnerabilities | Focuses on monitoring, threat detection, and defending against cyber threats |
| Employer & Industry Usage | Used by cybersecurity firms, IT departments, and government agencies to identify security gaps | Commonly employed in security operations centers (SOCs) and enterprise security teams |
While both roles require cybersecurity knowledge and certifications, Offensive Analysts focus on simulating attacks to find vulnerabilities, whereas Defensive Analysts work to detect and prevent cyber threats. Both are essential for comprehensive cybersecurity strategies.
What is an Offensive Analyst?
What are the key skills and qualifications needed to thrive as an Offensive Analyst, and why are they important?

Full-time
Posted 11 days ago
JM Family Enterprises rating
9.1
Based on 15 frontline employees who took The Breakroom Quiz
3rd of 143 rated car dealerships
Job description
They will support transformation of offensive security program from a predominantly tool- and vendor-driven model to a build-first approach, leveraging software engineering, automation, and AI-assisted techniques to improve the coverage, depth, and repeatability of offensive security activities.
Responsibilities include but are not limited to:
- Conduct offensive security activities including penetration testing, attack simulations, threat-based assessments, and control validation across on-prem, cloud, identity, and SaaS environments.
- Execute and assist in the development of red team and purple team exercises, collaborating with detection and response teams to validate defensive coverage.
- Perform vulnerability and exploitation analysis, including chaining weaknesses to demonstrate real-world attack paths and business risk.
- Identify, validate, and responsibly disclose security weaknesses to stakeholders, providing clear remediation guidance and risk context.
- Design, develop, and maintain custom offensive security tooling (Python, PowerShell, Bash, or similar), including frameworks, reusable modules, and automation that scale testing beyond point-in-time assessments.
- Evaluate when to build versus buy offensive security capabilities, with a bias toward internal tooling where it improves flexibility, visibility, or speed of iteration.
- Incorporate AI-assisted techniques (e.g., automation, chaining analysis, signal prioritization) to increase testing efficiency and analyst leverage.
- Contribute documentation such as test reports, playbooks, findings templates, and executive-level summaries.
- Contribute to the long-term architecture of the offensive security program, including shared libraries, testing pipelines, data models, and reporting outputs optimized for reuse and scale.
- Mentor junior analysts and contribute to team knowledge sharing.
- Partner with application and platform engineering teams not only to test systems, but to co-design secure patterns, reference implementations, and reusable testing components.
- Build developer-consumable assets (templates, scripts, sample exploits, safe test harnesses) that enable teams to self-validate security assumptions earlier in the SDLC.
- Provide developer-friendly remediation guidance, proof-of-concepts, and secure coding recommendations that are actionable and aligned to real-world development workflows.
- Support the integration and tuning of security testing tools within CI/CD pipelines, balancing detection depth with developer experience and signal quality.
- Collaborate with Security Engineering and Application teams to improve self-service security capabilities, documentation, and testing patterns that developers can reuse.
- Participate in post-testing debriefs with developers to educate, coach, and improve security outcomes-not just report findings
Qualifications:
- Hands-on experience with penetration testing, red team, purple team, or adversary emulation activities.
- Strong understanding of Windows, Active Directory, Azure/Entra ID, networking, cloud platforms, and SaaS architectures.
- Experience with common offensive security tools and frameworks (e.g., C2 frameworks, vulnerability scanners, exploit frameworks).
- Knowledge of MITRE ATT&CK, kill chains, and attacker tradecraft.
- Experience validating security controls such as EDR, SIEM, identity protections, email security, and cloud security controls.
- Strong scripting and automation skills; ability to customize or build tools to support testing objectives.
- Ability to translate technical findings into clear risk-based narratives for technical and non-technical audiences.
- Strong analytical, problem-solving, and critical-thinking skills.
- Ability to work independently while collaborating effectively in cross-functional teams.
- High attention to detail with a strong sense of ethics and responsible disclosure.
- Experience working directly with software engineers to remediate vulnerabilities and improve secure development practices.
- Understanding of modern SDLC and CI/CD pipelines, including how security testing fits into developer workflows.
- Familiarity with secure coding practices and common vulnerability classes in modern applications (web, APIs, cloud-native services).
- Ability to communicate security findings in a way that developers can quickly understand, prioritize, and fix.
- Mindset oriented toward enablement over enforcement, with a focus on reducing friction while improving security outcomes.
- Background in software engineering, platform engineering, or SRE, with a desire to specialize in security.
- Experience designing or maintaining production-quality code, not just scripts.
- Comfort working with APIs, data pipelines, CI/CD systems, and cloud-native services as part of security capability development.
- Curiosity and practical interest in applying AI/ML-assisted techniques to security testing, automation, and analysis.
#LI-AM1
#LI-HYBRID
This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at any time at the sole discretion of JM Family. All work arrangements are subject to associate performance, business need and manager discretion, and may be revised as necessary.
JM FAMILY IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYER
JM Family Enterprises, Inc. is an Equal Employment Opportunity employer. We are committed to recruiting, hiring, retaining, and promoting qualified associates without regard any characteristic protected by law - whether actual or perceived - including race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth, related medical conditions and lactation), gender identity gender expression, sexual orientation, marital status, military service, veteran status, disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, provincial, or local law.
DISABILITY ACCOMMODATIONS
If you have a disability and require a reasonable accommodation to complete the job application process, please contact JM Family's Talent Acquisition department at talentacquisition@jmfamily.com for assistance. If you have an accommodation request for one of our recruiting events, please notify us at least 72 hours prior so that we may provide assistance.
What JM Family Enterprises employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About JM Family Enterprises
Sourced by ZipRecruiter
Industry
Motor vehicle manufacturing
Company size
5,001 - 10,000 Employees
Headquarters location
Deerfield Beach, FL, US
Year founded
1968