Offensive Security Engineer Remote Jobs in Florida

Job Level: Manager (Individual Contributor - No Direct Reports)

Department: Information Technology - Enterprise Security (Security Operations & Engineering)

Reports To: Director, Information Security - Security Operations & Engineering

Location: Remote

Position Summary

The Sr. Information Security Manager is the owner and coordinator for Omnicell's security engineering & automation capabilities and core security tooling stack, with emphasis on Qualys, Netskope, DLP, Vectra, or equivalent. This role defines the strategy, roadmap, standards, and operating model for these capabilities and ensures they deliver effective controls, meaningful metrics, and integrated workflows for SecOps.

The Sr. Information Security Manager leads tooling strategy, engineering direction, and cross-team execution working through influence, governance, and hands on technical expertise. The role drives vulnerability management, data protection, network detection, and offensive security (penetration testing and red team exercises), while building automation and process improvements across Omnicell's SecOps technologies (SIEM, SOAR, EDR/XDR, ITSM, CMDB, and related tools).

Key Responsibilities

Security Tool Ownership & Roadmap

• Serve as service owner and primary authority for:

• Qualys or equivalent vulnerability management

• Netskope or equivalent SWG/CASB/ZTNA

• Enterprise DLP or equivalent (endpoint, email, and/or cloud)

• Vectra or equivalent NDR platform

• Define and maintain tool strategy, roadmap, and standards, including policies, configurations, and integration patterns.

• Coordinate with SecOps, Infrastructure, Cloud, Network, and Product/Cloud Security to prioritize backlogs and ensure tools support business and risk reduction objectives.

Vulnerability Management Leadership (Qualys or Equivalent)

• Own the Qualys (or equivalent) operating model, including scan architecture, schedules, asset tagging, and authentication patterns across on prem, cloud, and endpoint assets.

• Define risk-based prioritization models, remediation SLAs, and exception processes in partnership with asset owners and SecOps.

• Establish and maintain dashboards and reports for coverage, vulnerability aging, SLA performance, and risk trends; use these to drive accountability with IT and business stakeholders.

Data Protection & DLP Governance (Netskope and DLP Platforms)

• Lead the design and governance of DLP and Netskope (or equivalent) policies to protect sensitive data (e.g., PHI, PII, confidential IP) across web, cloud apps, endpoints, and email.

• Partner with Data Owners, Privacy, Legal, and Compliance to translate classification and regulatory requirements into implementable policies.

• Oversee tuning strategy, rollout plans, and exception handling, balancing protection with business productivity.

Detection Engineering & SecOps Integration (Vectra and SecOps Stack)

• Define and oversee detection engineering strategy for Vectra (or equivalent) NDR and related integrations into SIEM/SOAR and case management.

• Work with SecOps to design and refine detections, correlation rules, and playbooks leveraging NDR, CASB/SWG, DLP, EDR/XDR, and vulnerability data.

• Act as Tier3 escalation for incidents involving these tools and ensure post incident findings are translated into durable configuration, process, and automation improvements.

Metrics, Automation, and Process Improvement

• Define and own KPIs/KRIs for security tooling, including:

-Vulnerability remediation rates and SLA adherence

-Tool and sensor coverage across environments

-DLP incident volumes, false positive rates, and closure times.

• Drive automation strategy and patterns using APIs, scripting (e.g., Python, PowerShell), and SOAR, guiding engineers who implement automations and contributing hands on as needed.

• Lead continuous improvement initiatives to reduce manual effort, improve data quality, and standardize workflows across SecOps and IT (e.g., standard runbooks, intake processes, and change patterns).

Cross-Functional Leadership, Documentation, and Enablement

• Act as the primary point of contact for these tools with Infrastructure, Cloud, Network, Application Owners, and Product/Cloud Security.

• Create and maintain SOPs, runbooks, architectures, and knowledge articles for security tools and workflows; ensure they are adopted and kept current.

• Plan and deliver training, enablement, and communications for SecOps, IT, and other stakeholders on tool capabilities, dashboards, metrics, and best practices.

• Support audits, certifications, and customer security assessments where these tools and metrics are in scope, ensuring consistent, evidence-backed responses.

Offensive Security - Penetration Testing and Red Team Exercises

• Coordinate and oversee penetration testing and red team exercises (internal and third-party), aligning scope and objectives with key risks, products, and environments.

• Ensure findings from offensive security activities are prioritized, tracked, and integrated into vulnerability management, detection engineering, and process improvements.

• Partner with Product/Cloud Security, Infrastructure, and SecOps to design scenarios that validate controls, detections, and incident response playbooks.

Required Qualifications & Skills

• 8+ years in Information Security, with substantial experience in security engineering and/or SecOps, including ownership of enterprise security tools.

• 3+ years acting as lead or service owner for at least two of:

-Qualys or equivalent enterprise vulnerability management platform

-Netskope or equivalent SWG/CASB/ZTN

-Enterprise DLP solution

-Vectra or equivalent NDR

• Demonstrated experience defining roadmaps, standards, and metrics, and driving cross functional implementation without direct people management authority.

• Proven track record of delivering metric-driven improvements (coverage, risk reduction, SLA performance).

• Deep knowledge of vulnerability management, web/cloud security, NDR, DLP, and offensive security (penetration testing/red teaming) concepts and operations.

• Experience integrating tools with SIEM, SOAR, EDR/XDR, ITSM, and CMDB, and designing robust data flows and use cases.

• Strong scripting and automation capability (e.g., Python, PowerShell, REST APIs) and experience guiding others in adopting automation patterns.

• Familiarity with frameworks and regulations such as NIST CSF, CIS Controls, HITRUST, SOC 2, HIPAA and ability to map them to tooling capabilities.

• Excellent analytical, communication, and collaboration skills; able to influence decisions and explain tradeoffs to both technical and nontechnical audiences.

Preferred Qualifications

• Advanced degree in Information Security, Computer Science, or related field, or MBA with technology focus.

• Certifications such as CISSP, GIAC (GCIH, GCIA, GMON), CISM, or vendor certifications for Qualys, Netskope, Vectra, or major DLP platforms.

• Experience in healthcare, medical devices, or other highly regulated environments.

• Proven experience leading SOAR and automation initiatives, from design through rollout and operationalization.

Working Conditions

• Occasional off hours work for changes, maintenance, or high severity incidents

• Occasional travel (up to ~10-15%) for team meetings, workshops, vendor engagements, and audits

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.