1

Offensive Security Engineer Jobs in Washington (NOW HIRING)

Senior Engineer, Offensive Security

Washington, DC · On-site

$129K - $177K/yr

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

New

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

New

Senior Engineer, Offensive Security

Washington, DC · On-site

$129K - $177K/yr

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

New

This requires a production software engineering mindset, not proof-of-concept scripting. Your first ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...

New

This requires a production software engineering mindset, not proof-of-concept scripting. Your first ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...

New

This requires a production software engineering mindset, not proof-of-concept scripting. Your first ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...

New

next page

Showing results 1-20

Offensive Security Engineer information

See Washington salary details

$69.7K

$173K

$232.7K

How much do offensive security engineer jobs pay per year?

As of Jul 4, 2026, the average yearly pay for offensive security engineer in Washington is $173,030.00, according to ZipRecruiter salary data. Most workers in this role earn between $162,000.00 and $179,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Offensive Security Engineers on the job?

Offensive Security Engineers often encounter challenges such as keeping up with rapidly evolving threats, maintaining deep technical knowledge across various technologies, and identifying vulnerabilities in large or complex systems. They must balance rigorous testing with minimal disruption to live systems, which requires careful planning and coordination with other teams. Additionally, translating technical findings into actionable recommendations that are understandable to both technical and non-technical stakeholders is a key part of the role. These challenges make adaptability, continuous learning, and strong communication skills especially important in this field.

How much do offensive security engineers make?

Offensive security engineers typically earn between $80,000 and $150,000 annually, depending on experience, certifications, and location. Senior roles or those with specialized skills in penetration testing and exploit development can earn higher salaries, often exceeding $150,000.

What does an Offensive Security Engineer do?

An Offensive Security Engineer is responsible for identifying and exploiting vulnerabilities in systems, networks, and applications to assess an organization's security posture. They conduct penetration testing, simulate real-world cyber attacks, and provide recommendations to strengthen defenses. Their work helps organizations proactively detect and mitigate security risks before malicious hackers can exploit them. They often use tools like Metasploit, Burp Suite, and custom scripts to test security controls.

What does an offensive security engineer do?

An offensive security engineer conducts simulated cyberattacks to identify vulnerabilities in computer systems, networks, and applications. They use tools like penetration testing and vulnerability assessment techniques to improve security defenses and often hold certifications such as OSCP or CEH. Their work involves ethical hacking, reporting security flaws, and helping organizations strengthen their cybersecurity posture.

Can you make $500,000 a year in cyber security?

Offensive Security Engineers with advanced skills, certifications like OSCP, and extensive experience can potentially earn $500,000 annually, especially in high-demand industries or senior roles. Achieving this level typically requires expertise in penetration testing, security tools, and often leadership responsibilities or consulting work.

What engineers make $500,000?

Senior offensive security engineers with extensive experience, specialized skills in penetration testing, and relevant certifications such as OSCP or CISSP can reach or exceed a $500,000 annual salary, especially in high-demand industries or senior leadership roles. Compensation often includes base salary, bonuses, and stock options, reflecting their expertise in cybersecurity and offensive security techniques.

What are the key skills and qualifications needed to thrive in the Offensive Security Engineer position, and why are they important?

Offensive Security Engineers need expertise in penetration testing, vulnerability assessment, networking, programming, and a solid understanding of security best practices, typically supported by a computer science degree or equivalent experience. Familiarity with tools like Metasploit, Burp Suite, Kali Linux, and certifications such as OSCP or CEH is highly valued. Strong problem-solving ability, effective communication, and a collaborative mindset help professionals excel in this dynamic field. These skills ensure the engineer can identify and exploit security weaknesses while clearly conveying findings to both technical teams and stakeholders, ultimately strengthening organizational security.

What are the most commonly searched types of Offensive Security Engineer jobs in Washington? The most popular types of Offensive Security Engineer jobs in Washington are:
What job categories do people searching Offensive Security Engineer jobs in Washington look for? The top searched job categories for Offensive Security Engineer jobs in Washington are:
What cities in Washington are hiring for Offensive Security Engineer jobs? Cities in Washington with the most Offensive Security Engineer job openings:
Infographic showing various Offensive Security Engineer job openings in Washington as of June 2026, with employment types broken down into 69% Full Time, 26% Part Time, and 5% Contract. Highlights an 93% Physical, 2% Hybrid, and 5% Remote job distribution, with an average salary of $173,030 per year, or $83.2 per hour.
Sr. Staff Security Engineer - AI, VMR, Offensive Security

Sr. Staff Security Engineer - AI, VMR, Offensive Security

GEICO

Bethesda, MD • On-site

$122K - $168K/yr

Full-time

Posted 18 days ago


GEICO rating

8.0

Company rating: 8.0 out of 10

Based on 354 frontline employees who took The Breakroom Quiz

143rd of 277 rated insurance


Job description

Why Join GEICO?
At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities.
Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive on relentless innovation to exceed our customers' expectations while making a real impact on local communities nationwide.
Founded in 1936, GEICO is a member of the Berkshire Hathaway family of companies and one of the largest auto insurers in the United States. When you join our company, we want you to feel valued, supported, and proud to work here. That's why we offer the GEICO Pledge: Great Company, Great Culture, Great Rewards, and Great Careers.
GEICO is seeking a highly experienced Senior Staff Security Engineer to lead the strategy and technical execution of Vulnerability Management and Offensive Security across a complex, hybrid technology ecosystem. This role blends deep security engineering expertise with strong architectural leadership, hands-on experience, leveraging frontier AI models for security, drive customer success, and provide advisory to senior executive leaders.
This is a high-impact hands-on technical role who maintains a strong connection with both customers and underlying systems for shaping the company's vulnerability management maturity, influencing engineering culture, and safeguarding critical systems. The Senior Staff Security Engineer will drive meaningful, measurable improvements to security posture while enabling teams to build and ship technology with confidence. They drive customer success for the vulnerability management and offensive security functions. They demonstrate a keen ability to dive deep into complex problems to fully understand how systems operate, discerning when to make incremental improvements and when to challenge the status quo to drive impactful results. They are well-versed with Vulnerability Management Lifecycle - asset discovery, internal/external scans, contextualization and risk-based assessment, triaging of CVEs, detection authoring, security data pipeline, reporting, and remediation.
This role is an advisor to executive leaders and is critical to our cybersecurity objectives. The position requires a strong security and engineering background with hands-on experience. The successful candidate will play a key role in maintaining a strong security posture for the company through close collaboration with infrastructure, development, product, and other organizations across GEICO to integrate security into the ecosystem from design through deployment to sustainable operations.
At GEICO's Cybersecurity organization, we are committed to strengthening the company's digital resilience and advancing the security of our technology ecosystem. Our mission is to proactively protect our customers, associates, and business by modernizing our security capabilities, elevating our defensive posture, and enabling secure innovation at scale. As GEICO transforms its technology landscape, Cybersecurity plays a pivotal role in delivering secure, reliable, and future-ready solutions that support every line of business and every customer channel-empowering the enterprise with protection that is adaptable, intelligent, and built for the evolving threat landscape.
What do you bring in?
This role is designed for a highly technical, hands-on security engineer who thrives at the intersection of vulnerability management, offensive security, and emerging AI-driven threats and defenses. You bring deep domain expertise across penetration testing, red and purple teaming, and modern security engineering, coupled with the ability to leverage AI to scale both offensive insights and defensive capabilities. You are customer-obsessed in your approach to security, operating with a strong sense of ownership and urgency in a fast-paced environment. You excel at translating complex technical risks and security concepts into clear, business-aligned outcomes that resonate with senior executives and drive action. A self-starter by nature, you navigate ambiguity with confidence, independently overcome challenges, and consistently deliver measurable results. You are equally comfortable advising executive leadership as you are designing and building secure systems, bringing a rare blend of strategic influence and deep engineering execution to elevate the organization's security posture.
Key Responsibilities
VM & OffSec Execution
  • Lead the strategy and technical execution of Vulnerability Management, Offensive Security, and AI-augmented security at scale.
  • Lead the full vulnerability lifecycle: discovery, validation, risk analysis, prioritization, and remediation measurement.
  • Leverage business contextualization, underlying systems, threat intelligence, and AI frontier models to perform risk assessment for identifying true risk to drive remediation.
  • Integrations among scanning tools, asset inventory, CMDBs, ticketing, CI/CD, and monitoring pipelines to streamline workflows.
  • Evaluate, test, and implement emerging AI technologies that advance automated discovery and remediation.
  • Design automation to reduce manual work, increase accuracy, and accelerate remediation.
  • Generate data-driven insights that help teams understand, prioritize, and resolve vulnerabilities efficiently.

Cross-Functional Partnership
  • Drive customer success for the vulnerability management and offensive security functions.
  • Play role of an advisor to senior executive leadership.
  • Collaborate with cloud, infrastructure, DevOps, and product engineering groups to integrate vulnerability management into pipelines and delivery workflows.
  • Work closely with risk, compliance, governance, and incident response teams to ensure alignment with organizational and regulatory standards.
  • Communicate vulnerability trends, risk implications, and remediation strategies to technical and non-technical stakeholders.

Operational Excellence & Measurement
  • Define KPIs, SLAs, dashboards, and reporting models to drive accountability and measurable vulnerability reduction.
  • Establish repeatable processes, playbooks, and workflows that ensure consistent VM operations across teams and environments.
  • Ensure the reliability, performance, and scalability of VM tools and data pipelines.

Leadership, Mentoring & Team Development
  • Mentor junior and mid-level engineers, offering guidance on advanced security concepts, engineering best practices, and career development.
  • Serve as a multiplier by elevating skillsets across teams through coaching, pairing, design reviews, and knowledge-sharing.
  • Influence architecture and engineering leadership with clear communication, strong decision-making, and the ability to simplify complex security issues.

Required Qualifications
  • 10+ years of experience in cybersecurity or security engineering roles.
  • Deep expertise with vulnerability management tools, methodologies, and industry standards.
  • Hands-on experience with modern infrastructure, cloud services (AWS/Azure/GCP), container platforms, and operating systems.
  • Proficiency with a modern programming language (Python, Go, Java, etc.) and scripting for automation at scale.
  • Strong understanding of security architecture, networking, operating systems, identity, and cloud services.
  • Proven ability to lead, mentor, and inspire engineers across multiple teams.
  • Strong communication skills with the ability to influence senior stakeholders and translate complex risks into actionable guidance.
  • Hands-on experience implementing cybersecurity frameworks e.g. NIST CSF
  • Hands-on experience with leading compliance initiatives to meet e.g. PCI, SOX, NYDFS, etc.

Preferred Qualifications
  • Exposure to comprehensive security assessment, penetration testing, threat modeling, or security research.
  • Familiarity with SIEM, SOAR, and asset intelligence integrations.
  • Security certifications (CISSP, GCSA, OSCP, cloud security certs) are a plus.
  • Experience embedding security controls into CI/CD pipelines and DevSecOps workflows.

Education:
  • Bachelor's degree in computer science, Cyber Security, or equivalent education with relevant work experience

Annual Salary
$120,000.00 - $260,000.00
The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations.
At this time, GEICO will not sponsor a new applicant for employment authorization for this position.
The GEICO Pledge:
Great Company: Protecting customers through life's twists and turns with innovation and integrity.
Great Careers:Personalized development programs, mentorship, and certification assistance.
Great Culture:Inclusive and collaborative culture rooted in shared success.
Great Rewards:Competitive pay, benefits, and flexibility to support your well-being and future.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.

What GEICO employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


GEICO logo

About GEICO

Sourced by ZipRecruiter

GEICO is built on ingenuity, perseverance, innovation, resilience, and hard, honest work. From its humble beginnings in the midst of the Great Depression to its current place as one of the most successful companies in the nation, GEICO represents a quintessential American success story. At GEICO, we love that our associates are proud goal-seekers, and that's why we believe in celebrating their milestones and rewarding their achievements. Throughout the year we reward performance and accomplishments, host programs that recognize personal successes, and acknowledge innovation, service, and leadership.

Industry

Insurance services

Company size

10,000+ Employees

Headquarters location

Chevy Chase, MD, US

Year founded

1936