1

Offensive Security Engineer Jobs in Michigan (NOW HIRING)

Sr. Vulnerability Analyst

Detroit, MI

$95K - $124K/yr

... offensive security. The Senior Vulnerability Analyst works collaboratively to support the ... Bachelor's degree in business administration, Engineering, and Information Systems, Information ...

Sr. Vulnerability Analyst

Detroit, MI ยท On-site

$95K - $124K/yr

... offensive security. The Senior Vulnerability Analyst works collaboratively to support the ... Bachelor's degree in business administration, Engineering, and Information Systems, Information ...

Sr. Principal Security Engineer Join Aptiv and help lead the automotive industry into a more ... Maintain an up-to-date awareness of offensive and defensive cybersecurity activities in the public ...

INTELLIGENCE SPECIALIST

Rochester Hills, MI ยท On-site

$86K - $109K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Mount Pleasant, MI ยท On-site

$86K - $109K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Kalamazoo, MI ยท On-site

$88K - $112K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Lansing, MI ยท On-site

$95K - $120K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Detroit, MI ยท On-site

$92K - $117K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Allendale, MI ยท On-site

$81K - $103K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Flint, MI ยท On-site

$91K - $115K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Berrien Springs, MI ยท On-site

$86K - $109K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Warren, MI ยท On-site

$88K - $111K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

INTELLIGENCE SPECIALIST

Ann Arbor, MI ยท On-site

$92K - $115K/yr

... security, taking your passion for science and engineering to the next level. CRYPTOLOGIC TECHNICIAN NETWORKS Use state-of-the-art technology to perform offensive and defensive cyber operations ...

next page

Showing results 1-20

Offensive Security Engineer information

See Michigan salary details

$53.6K

$133.2K

$179.1K

How much do offensive security engineer jobs pay per year?

As of Jul 19, 2026, the average yearly pay for offensive security engineer in Michigan is $133,156.00, according to ZipRecruiter salary data. Most workers in this role earn between $124,600.00 and $138,100.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Offensive Security Engineers on the job?

Offensive Security Engineers often encounter challenges such as keeping up with rapidly evolving threats, maintaining deep technical knowledge across various technologies, and identifying vulnerabilities in large or complex systems. They must balance rigorous testing with minimal disruption to live systems, which requires careful planning and coordination with other teams. Additionally, translating technical findings into actionable recommendations that are understandable to both technical and non-technical stakeholders is a key part of the role. These challenges make adaptability, continuous learning, and strong communication skills especially important in this field.

How much do offensive security engineers make?

Offensive security engineers typically earn between $80,000 and $150,000 annually, depending on experience, certifications, and location. Senior roles or those with specialized skills in penetration testing and exploit development can earn higher salaries, often exceeding $150,000.

What does an Offensive Security Engineer do?

An Offensive Security Engineer is responsible for identifying and exploiting vulnerabilities in systems, networks, and applications to assess an organization's security posture. They conduct penetration testing, simulate real-world cyber attacks, and provide recommendations to strengthen defenses. Their work helps organizations proactively detect and mitigate security risks before malicious hackers can exploit them. They often use tools like Metasploit, Burp Suite, and custom scripts to test security controls.

What does an offensive security engineer do?

An offensive security engineer conducts simulated cyberattacks to identify vulnerabilities in computer systems, networks, and applications. They use tools like penetration testing and vulnerability assessment techniques to improve security defenses and often hold certifications such as OSCP or CEH. Their work involves ethical hacking, reporting security flaws, and helping organizations strengthen their cybersecurity posture.

Can you make $500,000 a year in cyber security?

Offensive Security Engineers with advanced skills, certifications like OSCP, and extensive experience can potentially earn $500,000 annually, especially in high-demand industries or senior roles. Achieving this level typically requires expertise in penetration testing, security tools, and often leadership responsibilities or consulting work.

What engineers make $500,000?

Senior offensive security engineers with extensive experience, specialized skills in penetration testing, and relevant certifications such as OSCP or CISSP can reach or exceed a $500,000 annual salary, especially in high-demand industries or senior leadership roles. Compensation often includes base salary, bonuses, and stock options, reflecting their expertise in cybersecurity and offensive security techniques.

What are the key skills and qualifications needed to thrive in the Offensive Security Engineer position, and why are they important?

Offensive Security Engineers need expertise in penetration testing, vulnerability assessment, networking, programming, and a solid understanding of security best practices, typically supported by a computer science degree or equivalent experience. Familiarity with tools like Metasploit, Burp Suite, Kali Linux, and certifications such as OSCP or CEH is highly valued. Strong problem-solving ability, effective communication, and a collaborative mindset help professionals excel in this dynamic field. These skills ensure the engineer can identify and exploit security weaknesses while clearly conveying findings to both technical teams and stakeholders, ultimately strengthening organizational security.

What are the most commonly searched types of Offensive Security Engineer jobs in Michigan? The most popular types of Offensive Security Engineer jobs in Michigan are:
What are popular job titles related to Offensive Security Engineer jobs in Michigan? For Offensive Security Engineer jobs in Michigan, the most frequently searched job titles are:
What job categories do people searching Offensive Security Engineer jobs in Michigan look for? The top searched job categories for Offensive Security Engineer jobs in Michigan are:
Infographic showing various Offensive Security Engineer job openings in Michigan as of July 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $133,156 per year, or $64 per hour.

Manager, Offensive and Application Security (Remote)

Trinityhealth

Livonia, MI โ€ข Remote

$122K - $202K/yr

Full-time

Posted 11 days ago


Job description

Employment Type:Full timeShift:Description:

Manages and develops the Offensive and Application Security Team. This role develops and performs penetration testing or adversary simulation engagements. The leader will oversee a team that communicates findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel. Provides constructive suggestions for improving our security posture and controls, hone its defensive capabilities, and measure the effectiveness of its security operations. Maintains an effective and efficient approach to information security that is both balanced and consistent with the mission, values, and operating goals of Trinity Health.

  • Performs security reviews of application designs, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS).
  • Identifies and clearly articulates (written and verbal) findings to senior management and clients.
  • Participates in security assessments of networks, systems and applications.
  • Coaches members of the Red Team, guiding them in offensive security tactics and strategies.
  • Leads the secure code review program to ensure adherence to security best practices and policies.
  • Promotes continuous testing exercises in collaboration with the Incident Response and Security Monitoring teams to validate the effectiveness of security measures.
  • Develops automation to enhance the efficiencies of the security program, streamlining processes and improving response times.
  • Manages the overall performance of the team in terms of effectiveness, efficiency, productivity, and quality. Assigns work, completes staff evaluations, conducts new hire interviews, and mentors staff.
  • Oversees scheduling of resources to execute and support the threat intel domain through Red Team operational procedures (communication and tracking). Coordinates activities that may impact other IT supported areas.
  • Develops and maintains detailed documentation relative to application penetration testing (APT) and dynamic application security testing
  • Conducts (DAST), static application security testing (SAST), and source composition analysis (SCA)
  • Directly manages, mentors and supports the Application Security function in conducting secure code reviews, vulnerability assessments, and ensuring compliance with security best practices.
  • Evaluates and reports on application security metrics and performance, aligning with Trinity Health's strategic objectives and operational goals.
  • Facilitates the departmental initiatives to achieve business and organizational goals, vision and objectives. Develops and manages team budget.
  • Supports planning, communicating, coordinating, and performing manual penetration testing and security assessments at application, system and enterprise level. Identifies and drives process improvement within Red Team program.
  • Partners with business groups/ clients to design processes & scope of penetration testing & security assessment methodologies. Partners with the delivery team to identify and drive delivery of opportunities to automate, improve efficiency, reduce the number of steps to perform the function while ensuring quality.
  • Acts as a liaison between business and technical employees to translate requirements/needs in both directions. Works closely with the incident and threat hunting teams, and various lines of business to mitigate risk.
  • pay grade 17 range $122,855.2166-202,711.1074 Actual compensation will fall within the range but may vary based on factors such as experience, qualifications, education, location, licensure, certification requirements, and comparisons to colleagues in similar roles.

Minimum Qualifications

  • Bachelor of Science in Information Technology - Cyber Security, or an equivalent combination of education and experience.
  • Five (5) to seven (7) years of progressive experience with comprehensive knowledge of hardware, software, application, and systems engineering in multiple IT disciplines (network, web applications, server hardware and software, vulnerabilities, and risk - assessment and management) with a focus in the following information security disciplines.
  • 5+ years of information security experience
  • 3+ years of penetration testing, red teaming, ethical hacking, application security, or similar management experience
  • Experience and demonstrated knowledge of adversarial tactics, techniques and procedures. Strong understanding of threat actors and the TTPs used by known threat actors.
  • Comprehensive knowledge of information security practices (technical, operational, and administrative) in Network penetration testing and manipulation of network infrastructure.
  • Experience in performing external and internal penetration tests using security testing tools, such as BurpSuite, Mimikatz, Metasploit, Nessus, HP Web Inspect, or other tools. Applying an understanding of the principles of information security engineering, architecture, and application security.
  • Experience leading pen testing security teams focused on enterprise, web, and mobile applications. Document and explain technical details in a concise, understandable manner to business owners.
  • Experience with networking components (routers, switches, load balancers, wireless access points, etc.). Intrusion Detection analysis and prevention, Data Loss Prevention, Windows / Linux / Mac OSX Operating systems.
  • Comprehensive knowledge of client/server relationships and multi-tier environments, load balancers / Web Application Firewalls, Active Directory, DHCP, DNS, PKI. Networking technologies: routers, switches, firewalls.
  • Demonstrated ability to independently perform web, mobile, and thick application penetration tests.
  • Understanding of web-based application vulnerabilities (OWASP) network security and popular attacks vectors.
  • Knowledge of Windows, Linux, Unix, any other major operating systems, and deep understanding of TCP/IP network protocols.
  • Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends in Cloud implementations
  • Knowledge and skills of monitoring of security vulnerabilities, threats, exposures, associated risk, and mitigating solutions.
  • Knowledge and understanding of web services, SOA (Services Oriented Architecture), micro-services, and API biased architectures.
  • Experience in using automated code tooling related to building or deploying code to operational environments.
  • Exposure and/or experience with various security testing techniques such as manual code reviews, dynamic application security testing (DAST), static application security testing (SAST), source composition analysis (SCA), and penetration testing.
  • Understanding of software development life cycle, coding standards, and software security principles.
  • Familiarity with reading and using a variety of programming languages and frameworks.
  • Experience with software development/deployment methodologies including Agile, Continuous Integration/Continuous Deployment (CI/CD), and DevSecOps.
  • Desired Security certifications: GWAPT (GIAC Web Application Penetration Tester), CSSIP (Certified Information Systems Security Professional), GCIH (GIAC Certified Incident Handler), CEH (Certified Ethical Hacker), which may also substitute an equivalent combination of education and experience.
  • Strong knowledge of HIPAA, ISO 27001/2, FISMA, FIPS, OWASP and NIST security.
  • Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic.
  • Ability to manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and workload.

Our Commitment

Rooted in our Mission and Core Values, we honor the dignity of every person and recognize the unique perspectives, experiences, and talents each colleague brings. By finding common ground and embracing our differences, we grow stronger together and deliver more compassionate, person-centered care. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other status protected by federal, state, or local law.