Offensive Security Engineer
Poughkeepsie, NY ยท On-site
The Offensive Security Engineer is responsible for conducting intelligenceled threat emulation and purple team exercises to simulate realworld adversaries, validate detection and response ...
Poughkeepsie, NY ยท On-site
The Offensive Security Engineer is responsible for conducting intelligenceled threat emulation and purple team exercises to simulate realworld adversaries, validate detection and response ...
Poughkeepsie, NY ยท On-site
The Offensive Security Engineer is responsible for conducting intelligenceled threat emulation and purple team exercises to simulate realworld adversaries, validate detection and response ...
Poughkeepsie, NY ยท On-site
The Offensive Security Engineer is responsible for conducting intelligence-led threat emulation and purple team exercises to simulate real-world adversaries, validate detection and response ...
Poughkeepsie, NY ยท On-site
The Offensive Security Engineer is responsible for conducting intelligence-led threat emulation and purple team exercises to simulate real-world adversaries, validate detection and response ...
Portland, OR ยท On-site
The Mission Praetorian is an expert-driven offensive security company. Our mission is to prevent breaches before they occur. We help organizations shift from an "assume breach" mentality to adopting ...
Portland, OR ยท On-site
The Mission Praetorian is an expert-driven offensive security company. Our mission is to prevent breaches before they occur. We help organizations shift from an "assume breach" mentality to adopting ...
The Mission Praetorian is an expert-driven offensive security company. Our mission is to prevent breaches before they occur. We help organizations shift from an "assume breach" mentality to adopting ...
The Mission Praetorian is an expert-driven offensive security company. Our mission is to prevent breaches before they occur. We help organizations shift from an "assume breach" mentality to adopting ...
$152K - $220K/yr
This role will ensure offensive security services evolve from point-in-time testing toward a continuous assurance model that validates security posture across enterprise, product, and emerging ...
$152K - $220K/yr
This role will ensure offensive security services evolve from point-in-time testing toward a continuous assurance model that validates security posture across enterprise, product, and emerging ...
Austin, TX ยท On-site
The Mission Praetorian is an expert-driven offensive security company. Our mission is to prevent breaches before they occur. We help organizations shift from an "assume breach" mentality to adopting ...
Austin, TX ยท On-site
The Mission Praetorian is an expert-driven offensive security company. Our mission is to prevent breaches before they occur. We help organizations shift from an "assume breach" mentality to adopting ...
Application Offensive Security Consultant Jersey City, New Jersey, United States Job Title: Application Offensive Security Consultant Job Location: Jersey City, NJ Job Type: Contract (Hybrid) Job ...
Application Offensive Security Consultant Jersey City, New Jersey, United States Job Title: Application Offensive Security Consultant Job Location: Jersey City, NJ Job Type: Contract (Hybrid) Job ...
The Offensive Security team is the "red" pulse of this organization. We don't just find bugs - we simulate the adversary to ensure our defenses hold up under real-world pressure. We focus on ...
The Offensive Security team is the "red" pulse of this organization. We don't just find bugs - we simulate the adversary to ensure our defenses hold up under real-world pressure. We focus on ...
Offensive Security Analyst II at JM Family Enterprises is responsible for designing, building, and scaling offensive security capabilities through adversary-focused testing, attack simulation, and ...
Offensive Security Analyst II at JM Family Enterprises is responsible for designing, building, and scaling offensive security capabilities through adversary-focused testing, attack simulation, and ...
Poughkeepsie, NY ยท On-site
Central Hudson is seeking a diligent and experienced Offensive Security Engineer to join their team. This role involves conducting intelligence-led threat emulation and purple team exercises to ...
Poughkeepsie, NY ยท On-site
Central Hudson is seeking a diligent and experienced Offensive Security Engineer to join their team. This role involves conducting intelligence-led threat emulation and purple team exercises to ...
Deerfield Beach, FL ยท On-site
$100K - $110K/yr
Information Security - Offensive Security Analyst Location: Deerfield Beach, FL (Hybrid 3/2) Duration: Direct Hire Compensation: $100,000 - $110,000 Work Requirements: US Citizen, GC Holders or ...
Deerfield Beach, FL ยท On-site
$100K - $110K/yr
Information Security - Offensive Security Analyst Location: Deerfield Beach, FL (Hybrid 3/2) Duration: Direct Hire Compensation: $100,000 - $110,000 Work Requirements: US Citizen, GC Holders or ...
Foresite is looking for a dedicated Offensive Security Engineer to manage and scale our proactive security services built on the Horizon3.ai NodeZero platform. In this role, you will lead the ...
Quick apply
Foresite is looking for a dedicated Offensive Security Engineer to manage and scale our proactive security services built on the Horizon3.ai NodeZero platform. In this role, you will lead the ...
Application Offensive Security Consultant Location: Jersey City, NJ Duration: 6 Months Contract-to-Hire Position Overview: We are seeking an experienced Application Offensive Security Consultant to ...
Quick apply
Apply Early
Application Offensive Security Consultant Location: Jersey City, NJ Duration: 6 Months Contract-to-Hire Position Overview: We are seeking an experienced Application Offensive Security Consultant to ...
Apply Early
The Offensive Security team is the "red" pulse of this organization. We don't just find bugs - we simulate the adversary to ensure our defenses hold up under real-world pressure. We focus on ...
The Offensive Security team is the "red" pulse of this organization. We don't just find bugs - we simulate the adversary to ensure our defenses hold up under real-world pressure. We focus on ...
Seattle, WA ยท Remote
$150K - $200K/yr
As an Offensive Security Engineer at Staris AI, you'll be at the vanguard of the application security profession. This role goes beyond conventional application security and penetration testing; you ...
Quick apply
Seattle, WA ยท Remote
$150K - $200K/yr
As an Offensive Security Engineer at Staris AI, you'll be at the vanguard of the application security profession. This role goes beyond conventional application security and penetration testing; you ...
Kansas City, MO ยท On-site
$83K - $125K/yr
Overview Offensive Security Consultant Hack. Discover. Advise. Make an Impact. Are you passionate about breaking things to make them stronger? Do you thrive on uncovering vulnerabilities before ...
Kansas City, MO ยท On-site
$83K - $125K/yr
Overview Offensive Security Consultant Hack. Discover. Advise. Make an Impact. Are you passionate about breaking things to make them stronger? Do you thrive on uncovering vulnerabilities before ...
San Francisco, CA ยท Hybrid
$134K - $185K/yr
About the role We are seeking a Senior Security Engineer to build and lead our Offensive Security program. In this role, you will attack Chime's services, applications, and infrastructure to discover ...
San Francisco, CA ยท Hybrid
$134K - $185K/yr
About the role We are seeking a Senior Security Engineer to build and lead our Offensive Security program. In this role, you will attack Chime's services, applications, and infrastructure to discover ...
Livingston, NJ ยท On-site
$165K - $242K/yr
As an Offensive Security Engineer at CoreWeave, you will lead efforts to identify and mitigate security risks across internal and external systems. You'll perform penetration testing, conduct threat ...
Livingston, NJ ยท On-site
$165K - $242K/yr
As an Offensive Security Engineer at CoreWeave, you will lead efforts to identify and mitigate security risks across internal and external systems. You'll perform penetration testing, conduct threat ...
Application Offensive Security Consultant Jersey City, NJ, United States About the Job Experience level: Mid-senior Experience required: 6 Years Education level: Bachelors degree Job function:
New
Application Offensive Security Consultant Jersey City, NJ, United States About the Job Experience level: Mid-senior Experience required: 6 Years Education level: Bachelors degree Job function:
New
New York, NY ยท Hybrid
$125K - $171K/yr
Here at Datadog, we think about offensive security a little bit differently. We embrace automation and AI to run adversary simulations continuously across a massive cloud-native environment, and we ...
New York, NY ยท Hybrid
$125K - $171K/yr
Here at Datadog, we think about offensive security a little bit differently. We embrace automation and AI to run adversary simulations continuously across a massive cloud-native environment, and we ...
$57K - $68.7K
1% of jobs
$68.7K - $80.5K
4% of jobs
$80.5K - $92.2K
5% of jobs
$92.2K - $103.9K
9% of jobs
$110.4K is the 25th percentile. Wages below this are outliers.
$103.9K - $115.6K
11% of jobs
$115.6K - $127.4K
10% of jobs
The median wage is $131.9K / yr.
$127.4K - $139.1K
28% of jobs
$145.9K is the 75th percentile. Wages above this are outliers.
$139.1K - $150.8K
14% of jobs
$150.8K - $162.5K
11% of jobs
$162.5K - $174.3K
4% of jobs
$174.3K - $186K
4% of jobs
$57K
$133K
$186K
An Offensive Security job involves proactively identifying and exploiting security vulnerabilities in systems, networks, and applications to help organizations strengthen their defenses. Professionals in this field, such as ethical hackers and penetration testers, simulate real-world cyberattacks to find weaknesses before malicious actors can exploit them. They use various tools, techniques, and frameworks to assess security risks, provide recommendations, and improve overall cybersecurity posture. Offensive security experts often work for security firms, enterprises, or government agencies to ensure robust digital protection.
A typical day in Offensive Security involves conducting penetration tests, vulnerability assessments, and red teaming exercises to identify and exploit potential weaknesses in systems and networks. You may spend time analyzing findings, preparing detailed reports, and collaborating with IT teams to discuss remediation strategies. The role often requires staying current with emerging threats and tools, as well as participating in team meetings to review attack simulations or incident scenarios. Regular communication with clients or internal stakeholders is also common to explain technical concepts in an accessible way. The dynamic nature of the work keeps each day interesting and fosters continuous learning and problem-solving.
To thrive as an Offensive Security professional, you need a deep understanding of networks, operating systems, penetration testing methodologies, and typically hold a degree in computer science or a related field. Familiarity with tools such as Metasploit, Burp Suite, Nmap, as well as certifications like OSCP or CEH, is often required. Strong analytical thinking, attention to detail, effective communication, and ethical judgment are essential soft skills. These abilities are crucial for identifying vulnerabilities, communicating risks, and helping organizations improve their security posture.

Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 7 days ago
Benefits:
Competitive compensation
Medical, dental, and vision insurance
401(k) retirement savings plan with substantial company match
Life and travel insurance
Tuition assistance
Wellness reimbursement program
Paid holidays and vacation
What is an Offensive Security Engineer?
We are seeking a diligent and experienced Offensive Security Engineer to join our team. In this role, you will be working within a group of highly motivated Information Technology and Cybersecurity professionals committed to keeping Central Hudson safe. The Offensive Security Engineer is responsible for conducting intelligenceled threat emulation and purple team exercises to simulate realworld adversaries, validate detection and response capabilities, and identify security control gaps. This role partners closely with the SOC, threat intelligence, detection engineering, and infrastructure teams to continuously validate detections, assess control effectiveness, and drive measurable improvements across the detectiontoremediation lifecycle. The ideal candidate has a strong understanding of modern security principles, offensive security techniques, and attacker methodologies, along with excellent analytical skills and the ability to clearly communicate technical findings and risk to both technical and nontechnical stakeholders.
What does an Offensive Security Engineer do?
Conducts targeted offensive testing activities in support of threat emulation and detection validation across networks, applications, cloud environments, and endpoints
Executes intelligencedriven threat emulation exercises that replicate realworld adversaries, campaigns, and tactics, techniques, and procedures (TTPs)
Performs vulnerability remediation testing to validate the effectiveness of fixes and compensating controls
Maps emulated activity to MITRE ATT&CK techniques and track detection coverage and gaps
Develops and maintains custom tools, scripts, and payloads to support testing activities
Safely exercises adversary techniques to evaluate the effectiveness of security controls and detections
Partners with blue team, SOC, and engineering teams to test detection and response capabilities
Implements, maintains, and enhances red team tooling and infrastructure to support penetration testing, adversary emulation, and purple team exercises
Leads and executes purple team exercises in close coordination with the SOC and Blue Team, sharing findings, techniques, and actionable recommendations to strengthen detection, response, and recovery capabilities
Assists in tuning and validating security controls, alerts, analytics, and incident response playbooks based on threat emulation outcomes
Validates security detections across SIEM, EDR, identity, and cloud platforms using repeatable and measurable testing scenarios
Produces clear, actionable reports detailing emulated adversary behavior, detection gaps, response gaps, and prioritized remediation guidance
Presents results to technical teams and leadership, translating technical risk into business terms
Tracks remediation progress and re-test identified issues
Stays current on emerging threats, adversary techniques, and offensive security tooling
Contributes to the development of red team methodologies, frameworks, and documentation
Supports threat intelligence-driven testing aligned with real-world attack trends
Consumes and operationalizes threat intelligence to inform adversary selection, scenario design, and testing priorities
Promotes and raises awareness by educating others about the importance of cybersecurity
Builds relationships with government and local agencies to promote collaborative information sharing
Stays updated with the latest cybersecurity trends, threats, and technologies
Participates in on-call as needed to respond to security incidents outside of regular working hours
Provides support for storm restoration efforts
What does it take to be an Offensive Security Engineer?
Required:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science or related field of study. In lieu of a bachelor's degree, an associate degree in the aforementioned fields and 3 years of information security engineering or related experience or a high school diploma or equivalency degree and 5 years of information security engineering or related experience will be considered
Strong knowledge of network, application, and cloud security, including operating systems (Windows and Linux)
Working knowledge of common offensive security tools, including but not limited to:
Metasploit, Cobalt Strike (or equivalents), Burp Suite, Nmap, BloodHound, and CrackMapExec
Knowledge of vulnerability remediation testing and validating the effectiveness of security controls
Demonstrated experience collaborating closely with SOC or Blue Team functions to improve detection and incident response maturity
Ability to develop scripts or tools using Python, PowerShell, Bash, or C#
Solid understanding of security operations and detection technologies, including SIEM, EDR, IDS/IPS, and endpoint protection, to support adversaryemulation and purpleteam activities
Familiarity with industry security frameworks and methodologies, such as:
MITRE ATT&CK
NIST 80061 (Incident Response)
SANS / CIS Critical Security Controls
Strong analytical and problemsolving skills with the ability to assess complex security issues
Excellent written and verbal communication skills, including the ability to clearly document findings and communicate risk to both technical and nontechnical audiences
Ability to work independently with minimal supervision and respond professionally to constructive feedback
Ability to work nights, weekends, holidays during a critical cyber incident or event
Valid driver's license
Preferred:
3+ years of hands-on experience performing offensive security activities such as penetration testing, detection validation, adversary emulation, red teaming, or exploitation of applications, networks, and cloud environments
Familiarity with evaluating security controls and risk exposure through an attacker's lens, including validation of compensating controls and secure design assumptions
Experience identifying security weaknesses through threat modeling, attack simulations, and exploitation, with the ability to translate findings into actionable remediation guidance
Experience in Energy & Utilities or services industry
Relevant certifications such CISSP, CEH, GPEN, GCIH, OSCP, OSWE, or similar offensive security focused credentials
Applications will be accepted until July 9, 2026.
This position has a career path which allows for advancement opportunities within the Information Security Analyst job series. The title and level are commensurate with experience. Pay range: $73,000 - $171,300
Please go to https://www.cenhud.com/employment. Click the "Search Career Opportunities" button. Follow the directions to submit an application and upload your resume for the desired position.
Applications sent via e-mail and US Mail will not be accepted. No phone calls or agencies, please. All replies will be held in strict confidence.
All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, creed, color, ethnicity, arrest or conviction record, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, citizenship, genetic information, familial status, marital status, pregnancy-related condition, domestic violence victim status, veteran or military status, or any other characteristic protected by federal, state or local laws. Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance employment in individuals who are protected veterans and individuals with disabilities.
VEVRAA FEDERAL CONTRACTOR