... engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform ... The Bigger Picture Join a 100% remote, highly specialized offensive security team where you will ...
... engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform ... The Bigger Picture Join a 100% remote, highly specialized offensive security team where you will ...
... engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform ... The Bigger Picture Join a 100% remote, highly specialized offensive security team where you will ...
... engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform ... The Bigger Picture Join a 100% remote, highly specialized offensive security team where you will ...
... engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform ... The Bigger Picture Join a 100% remote, highly specialized offensive security team where you will ...
... engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform ... The Bigger Picture Join a 100% remote, highly specialized offensive security team where you will ...
Cyber Security Framework Engineer - Remote
Louisville, KY · Remote
$50 - $90/hr
Remote micro1 is engaging Red Team Leads (Offensive Cybersecurity) to contribute expertise to a ... Design and validate evaluation frameworks for offensive security, focusing on real-world scenarios ...
Cyber Security Framework Engineer - Remote
Louisville, KY · Remote
$50 - $90/hr
Remote micro1 is engaging Red Team Leads (Offensive Cybersecurity) to contribute expertise to a ... Design and validate evaluation frameworks for offensive security, focusing on real-world scenarios ...
Expert Security Engineer
Canada, KY · Remote
$100K - $120K/yr
US, Canada (Remote) Employment Type: Full-time About Altera Altera, a member of the N. Harris ... Relevant offensive security certifications such as OSCP, OSWE, GPEN, GWAPT, or other advanced GIAC ...
Expert Security Engineer
Canada, KY · Remote
$100K - $120K/yr
US, Canada (Remote) Employment Type: Full-time About Altera Altera, a member of the N. Harris ... Relevant offensive security certifications such as OSCP, OSWE, GPEN, GWAPT, or other advanced GIAC ...
Expert Security Engineer
Canada, KY · Remote
$100K - $120K/yr
US, Canada (Remote) Employment Type: Full-time About Altera Altera, a member of the N. Harris ... Relevant offensive security certifications such as OSCP, OSWE, GPEN, GWAPT, or other advanced GIAC ...
Expert Security Engineer
Canada, KY · Remote
$100K - $120K/yr
US, Canada (Remote) Employment Type: Full-time About Altera Altera, a member of the N. Harris ... Relevant offensive security certifications such as OSCP, OSWE, GPEN, GWAPT, or other advanced GIAC ...
AI Red Team Cybersecurity (SME) - Remote
Louisville, KY · Remote
$50 - $90/hr
Design and validate evaluation frameworks for offensive security, focusing on real-world scenarios ... Track record as a principal security engineer, exploit developer, cloud red-team lead, malware ...
AI Red Team Cybersecurity (SME) - Remote
Louisville, KY · Remote
$50 - $90/hr
Design and validate evaluation frameworks for offensive security, focusing on real-world scenarios ... Track record as a principal security engineer, exploit developer, cloud red-team lead, malware ...
Application Security Engineer (REMOTE)
Eastwood, KY · Remote
$117K - $146K/yr
Job Purpose The Application Security Engineer is responsible for strengthening the security of our applications, platforms, and development processes. This position partners with software engineers ...
Application Security Engineer (REMOTE)
Eastwood, KY · Remote
$117K - $146K/yr
Job Purpose The Application Security Engineer is responsible for strengthening the security of our applications, platforms, and development processes. This position partners with software engineers ...
Sr Software Engineer- Remote 6 month contract to hire
Lexington, KY · On-site +1
$121K - $160K/yr
Sr Software Engineer- Remote Primary Location : Lexington, Kentucky V-Soft Consulting is currently ... security, and processes. Interested? Qualified candidates should send their resumes to bmohammad ...
Sr Software Engineer- Remote 6 month contract to hire
Lexington, KY · On-site +1
$121K - $160K/yr
Sr Software Engineer- Remote Primary Location : Lexington, Kentucky V-Soft Consulting is currently ... security, and processes. Interested? Qualified candidates should send their resumes to bmohammad ...
Lead Entra Security Engineer
Louisville, KY · On-site +1
$98K - $129K/yr
The Lead Entra Security Engineer will partner closely with security, platform, and application ... Travel: While this is a remote position, occasional travel to Humana's offices for training or ...
New
Lead Entra Security Engineer
Louisville, KY · On-site +1
$98K - $129K/yr
The Lead Entra Security Engineer will partner closely with security, platform, and application ... Travel: While this is a remote position, occasional travel to Humana's offices for training or ...
New
Lead Entra Security Engineer
Louisville, KY · On-site +1
$98K - $129K/yr
The Lead Entra Security Engineer will partner closely with security, platform, and application ... Travel: While this is a remote position, occasional travel to Humana's offices for training or ...
New
Lead Entra Security Engineer
Louisville, KY · On-site +1
$98K - $129K/yr
The Lead Entra Security Engineer will partner closely with security, platform, and application ... Travel: While this is a remote position, occasional travel to Humana's offices for training or ...
New
Lead Entra Security Engineer
Louisville, KY · On-site +1
$98K - $129K/yr
The Lead Entra Security Engineer will partner closely with security, platform, and application ... Travel: While this is a remote position, occasional travel to Humana's offices for training or ...
New
Lead Entra Security Engineer
Louisville, KY · On-site +1
$98K - $129K/yr
The Lead Entra Security Engineer will partner closely with security, platform, and application ... Travel: While this is a remote position, occasional travel to Humana's offices for training or ...
New
Principal Product Security Engineer
Owensboro, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Owensboro, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Lexington, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Lexington, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Bowling Green, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Bowling Green, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Frankfort, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Frankfort, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Louisville, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Louisville, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Covington, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
Principal Product Security Engineer
Covington, KY · On-site +1
... Security Engineer to be located in Danvers, MA or Raritan, NJ ... Remote work options may be considered on a case-by-case basis and if approved by the Company. Are ...
The Junior Security Engineer supports 24x7 enterprise cybersecurity operations by monitoring ... This is a remote position. Maximus TCS (Technology and Consulting Services) Internal Job Profile ...
The Junior Security Engineer supports 24x7 enterprise cybersecurity operations by monitoring ... This is a remote position. Maximus TCS (Technology and Consulting Services) Internal Job Profile ...
The Junior Security Engineer supports 24x7 enterprise cybersecurity operations by monitoring ... This is a remote position. Maximus TCS (Technology and Consulting Services) Internal Job Profile ...
The Junior Security Engineer supports 24x7 enterprise cybersecurity operations by monitoring ... This is a remote position. Maximus TCS (Technology and Consulting Services) Internal Job Profile ...
Offensive Security Engineer Remote information
What is the difference between Offensive Security Engineer Remote vs Penetration Tester?
| Aspect | Offensive Security Engineer Remote | Penetration Tester |
|---|---|---|
| Certifications | OSCP, OSWE, CEH | OSCP, CEH, GPEN |
| Work Environment | Remote, collaborative security teams | Often client-site or remote assessments |
| Industry Usage | Security teams, cybersecurity firms | Consulting firms, security assessments |
| Search & Comparison Intent | Understanding roles, skills, and remote opportunities | Job scope, certifications, and remote work options |
Offensive Security Engineer Remote and Penetration Tester roles share overlapping skills and certifications like OSCP and CEH. However, Offensive Security Engineers typically work within security teams on ongoing security infrastructure, often remotely, focusing on offensive security strategies. Penetration Testers usually perform specific security assessments, sometimes on-site, and may have a broader consulting focus. Both roles are vital in cybersecurity but differ in scope and work environment.
What are the key skills and qualifications needed to thrive as an Offensive Security Engineer (Remote), and why are they important?
What are some common challenges faced by remote Offensive Security Engineers, and how can they be addressed?
What does an Offensive Security Engineer do, especially when working remotely?
Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 3 days ago
Humana rating
7.9
Based on 260 frontline employees who took The Breakroom Quiz
155th of 277 rated insurance
Job description
Selected candidate is required to reside 60 mins from one of the following locations: (Louisville KY, NYC Metro, Dallas Metro, Charlotte NC Metro, South Florida(Tampa/Miami/Ft Lauderdale) , Washington DC metro, Chicago, Boston, Atlanta, Nashville)
We're standing up a new AI & Offensive Tooling capability inside our Offensive Security organization, and we're looking for its founding engineer. As Lead, Offensive Security (AI & Tooling), you will own the in-house AI agent platform that powers our penetration testing and red team operations, and build the AI-driven tooling that makes every offensive service line faster, broader, and more autonomous. This is a hands-on building role with the scope of a technical lead: you set the technical direction for offensive AI at the company, and you ship the software that proves it.
It's a rare chance to build autonomous offensive security capabilities from the ground up, responsibly, inside a program that helps protect the health data of millions of people.
The Bigger Picture
Join a 100% remote, highly specialized offensive security team where you will have access to Hack The Box Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets. These resources will enable you to continuously advance your expertise while working on industry-leading Offensive Security challenges at scale. You will be part of the Offensive Security organization, collaborating with Red Team, Penetration Testing, and Breach and Attack Simulation (BAS) professionals, highly specialized experts who identify vulnerabilities so the business can address them proactively. Fridays are dedicated to research and development, allowing the team to pursue training in emerging offensive security methodologies, tools, agents, large language models (LLMs), artificial intelligence, and other bleeding edge topics.
Mission & Impact
AI that attacks traditional systems. Build autonomous and semi-autonomous agents that perform real offensive operations against networks, web applications, and infrastructure, LLM-driven planning loops that reason through reconnaissance, exploitation, privilege escalation, and lateral movement, multi-agent orchestration for breadth, and tool/function-calling that drives real offensive tooling. This is the emerging class of LLM-driven penetration-testing agents, built for production use by a professional red team.
Offense applied to AI itself. Red-team the enterprise's own AI-LLM-powered products, agents, RAG pipelines, and ML applications, against prompt injection, jailbreaks, model extraction and inversion, membership inference, data and supply-chain poisoning, evasion, and agent tool/sandbox abuse, and validate that guardrails and classifiers actually hold.
You'll operate this as a production, event-driven cloud platform at real scale, dozens of serverless functions, change-stream data pipelines, hundreds of operational alarms, and integrated LLM inference. This requires a production software engineering mindset, not proof-of-concept scripting.
Your first 6-12 months- First 90 days: ramp on the agent platform and the three service lines (Red Team, BAS, Penetration Testing); take operational ownership; ship one meaningful improvement to the agent's autonomous capability or reliability, measured against real engagements.
- By 6 months: deliver at least one AI-driven tool that a service line adopts into its live workflow, with metrics showing coverage or turnaround gains; establish the evaluation harness that tracks the agent's autonomous success rate against representative targets.
- By 12 months: publish the multi-quarter offensive-AI roadmap and KPIs; stand up repeatable adversarial testing for the enterprise's own AI systems; mentor 1-3 engineers as the capability grows toward its own function.
Use your skills to make an impact
Why this role, and why here
- Real scope, real authority. You own the platform's architecture, roadmap, and day-to-day operation-and you advise Offensive Security leadership on strategy. This is the founding technical role of a capability that grows into its own team.
- A program that's already serious about AI. Fridays are dedicated to R&D. You'll have Hack The Box Pro Labs, all HTB role-based paths and certifications, discretionary certification funding, and conference/training budgets.
- Mission that matters. Offensive Security identifies weaknesses so the business can fix them before adversaries exploit them-protecting the data and care of millions of people. AI is entering both our adversaries' tradecraft and our own operations faster than traditional tooling keeps up; you keep us ahead.
We're hiring for a genuinely hybrid skill set, deep offensive security and real AI engineering. You do not need to check every box below. If you're a strong offensive engineer who has built real AI agents, or a strong AI/agent builder with serious hands-on offensive experience, we want to hear from you.
Required Qualifications:
- Offensive security depth: 6+ years in roles such as Red Team or Penetration Testing, including team- or program-level leadership, and the instinct to think like an attacker against systems that don't behave deterministically.
- Production Python engineering: a strong track record of building and operating production-quality software and tooling, not only scripts.
- You've built with agentic AI: hands-on designing, building, or operating AI agents or LLM applications: agentic workflows, tool/function-calling, and orchestration. (We care about what you've shipped and operated, not years on a particular framework, the frameworks are only a few years old.)
- You've attacked AI: hands-on testing of AI/ML systems: prompt injection, jailbreaking, and adversarial techniques.
- Cloud fluency: production experience with at least one major Cloud Service Provider (AWS, GCP, or Azure).
Preferred Qualifications:
- Built autonomous or semi-autonomous offensive agents, LLM-driven penetration-testing agents, or reinforcement-learning exploit and attack-path planners.
- Hands-on with AI red-teaming frameworks such as PyRIT or Garak, and fluent in MITRE ATLAS, the OWASP Top 10 for LLM Applications, and the NIST AI Risk Management Framework.
- Model Context Protocol (MCP): building clients/servers, or testing them and RAG pipelines for tool/prompt-injection abuse.
- Demonstrated ability to test endpoints protected by modern EDR/XDR; experience across multiple cloud providers; threat-intelligence-driven operations.
- Depth in an advanced offensive specialty: malware development, advanced Red Team operations and threat simulation, or adversarial ML research; experience building and breaking LLMs, ML models, and AI infrastructure.
- Published research, open-source contributions, or talks at DEF CON, BSides, x33fcon, or Black Hat; expert-level certifications (e.g. OSEE, OSED, OSCE3, CRTL, CWEE, CAPE).
You'll embed with each service line rather than build in isolation; ship production-grade software with engineering rigor (reproducibility, evaluation, safety guardrails, human-in-the-loop where offensive operations demand it); deliver findings and tooling with reproduction steps, severity, business impact, and remediation; track risk in the enterprise risk platform; and operate within the organization's acceptable-use-of-AI policies and offensive security rules of engagement.
Remote/WAH requirements:
- WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
- A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
- Satellite and Wireless Internet service is NOT allowed for this role.
- A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
Scheduled Weekly Hours
40Pay Range
The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.Description of Benefits
Humana, Inc. and its affiliated subsidiaries (collectively, "Humana") offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.About us
About Humana: Humana Inc. (NYSE: HUM) is a leading U.S. healthcare company. Through our Humana insurance services and our CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health - delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare and Medicaid, families, individuals, military service personnel, and communities at large. Learn more about what we offer atHumana.comand atCenterWell.com.
Equal Opportunity Employer
It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.
About Humana
Sourced by ZipRecruiter
Humana Inc., headquartered in Louisville, KY., is a leading health care company that offers a wide range of insurance products and health and wellness services that incorporate an integrated approach to lifelong well-being. By leveraging the strengths of its core businesses, Humana believes it can better explore opportunities for existing and emerging adjacencies in health care that can further enhance wellness opportunities for the millions of people across the nation with whom the company has relationships.
Industry
Health care and social assistance
Company size
10,000+ Employees
Headquarters location
Louisville, KY, US
Year founded
1961