1

Trainee Offensive Security Engineer Jobs (NOW HIRING)

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on ...

next page

Showing results 1-20

Trainee Offensive Security Engineer information

See salary details

$61.5K

$152.8K

$205.5K

How much do trainee offensive security engineer jobs pay per year?

As of Jul 10, 2026, the average yearly pay for trainee offensive security engineer in the United States is $152,773.00, according to ZipRecruiter salary data. Most workers in this role earn between $143,000.00 and $158,500.00 per year, depending on experience, location, and employer.

What does a Trainee Offensive Security Engineer do?

A Trainee Offensive Security Engineer is an entry-level cybersecurity professional who learns to identify and exploit security vulnerabilities in computer systems, networks, and applications. Their primary role involves assisting more experienced engineers in tasks such as penetration testing, vulnerability assessments, and security audits. They also learn how to document findings, report security issues, and suggest improvements to strengthen defenses. This position is typically a stepping stone into more advanced offensive security roles, with a strong focus on hands-on learning and professional development.

What is the difference between Trainee Offensive Security Engineer vs Junior Penetration Tester?

AspectTrainee Offensive Security EngineerJunior Penetration Tester
CertificationsBasic security certifications (e.g., CompTIA Security+)Certifications like OSCP or CEH are common but not mandatory
Work EnvironmentHands-on security testing, vulnerability assessments, learning offensive techniquesPerforming penetration tests, vulnerability scans, reporting
Industry UsageEntry-level role in cybersecurity teams focusing on offensive securityEntry-level security testing role, often in consulting firms or internal security teams

The Trainee Offensive Security Engineer is an entry-level role focused on learning offensive security techniques, often involving hands-on vulnerability testing and security assessments. The Junior Penetration Tester also performs security testing but may have a narrower scope. Both roles are suitable for those starting in cybersecurity, with the trainee position emphasizing broader offensive skills development.

What are the key skills and qualifications needed to thrive as a Trainee Offensive Security Engineer, and why are they important?

To thrive as a Trainee Offensive Security Engineer, you need a foundational understanding of computer networks, operating systems, cybersecurity principles, and often a relevant degree or certification such as CompTIA Security+ or OSCP. Familiarity with penetration testing tools like Metasploit, Burp Suite, and Kali Linux, as well as basic scripting skills, is typically required. Strong problem-solving abilities, analytical thinking, and effective communication are essential soft skills for success in this field. These skills and qualities are vital to identify vulnerabilities, report findings clearly, and contribute to the organization’s overall security posture.

What are some common challenges faced by Trainee Offensive Security Engineers during their initial projects?

Trainee Offensive Security Engineers often encounter challenges such as adapting to rapidly evolving security tools and understanding complex network environments. Balancing the need for thorough documentation with the fast-paced nature of penetration testing can also be demanding. Additionally, collaborating with experienced team members and communicating findings to non-technical stakeholders are important skills that may require practice. Supportive mentorship and hands-on learning opportunities within the team can help overcome these initial hurdles.
More about Trainee Offensive Security Engineer jobs
What cities are hiring for Trainee Offensive Security Engineer jobs? Cities with the most Trainee Offensive Security Engineer job openings:
What are the most commonly searched types of Offensive Security Engineer jobs? The most popular types of Offensive Security Engineer jobs are:
What states have the most Trainee Offensive Security Engineer jobs? States with the most job openings for Trainee Offensive Security Engineer jobs include:
What job categories do people searching Trainee Offensive Security Engineer jobs look for? The top searched job categories for Trainee Offensive Security Engineer jobs are:
Infographic showing various Trainee Offensive Security Engineer job openings in the United States as of July 2026, with employment types broken down into 95% Full Time, 2% Part Time, and 3% Contract. Highlights an 87% Physical, 4% Hybrid, and 9% Remote job distribution, with an average salary of $152,773 per year, or $73.4 per hour.
Senior Engineer, Offensive Security

Senior Engineer, Offensive Security

Humana

Louisville, KY

$110K - $150K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 7 days ago


Humana rating

7.9

Company rating: 7.9 out of 10

Based on 260 frontline employees who took The Breakroom Quiz

155th of 278 rated insurance


Job description

Become a part of our caring community
*Selected candidate must reside within approximately 60 minutes driving distance from one of the following locations: ((Louisville KY, NYC Metro, Dallas Metro, Charlotte NC Metro, South Florida(Tampa/Miami/Ft Lauderdale) , Washington DC metro, Chicago, Boston, Atlanta, Nashville))
We're building a new AI & Offensive Tooling capability inside our Offensive Security organization, and we're looking for a senior engineer who can both build it and use it. As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on real penetration tests, purple-team exercises, and red-team operations. You'll also bring that same offensive lens to the enterprise's own AI systems.
It's one loop: build the tooling, prove it on live engagements, feed what you learn back into the tooling. And it's a rare chance to do that hands-on inside a program that helps protect the health data of millions of people.

What you'll do

One integrated mission, four ways it shows up:

Build agentic offensive tooling. Write production-quality software and AI agents, LLM-driven planning loops, multi-agent orchestration, and tool/function-calling that drives real offensive tooling, and contribute to the in-house agent platform that powers our pentest and red-team operations. You'll operate this as a production, event-driven cloud platform at real scale (dozens of serverless functions, change-stream data pipelines, hundreds of operational alarms, integrated LLM inference), real software engineering, not proof-of-concept scripting.

Run penetration tests. Network, web-application, cloud, and infrastructure testing, recon through exploitation, privilege escalation, and lateral movement, accelerated by the tooling you build, with your own judgment owning scope and exploitability.

Run purple-team exercises. Validate security countermeasures (EDR/XDR, NDR, DLP, firewalls) with our defensive partners, then pair with detection engineering to close the gaps your attacks reveal.

Run red-team operations and test the enterprise's own AI. Objective-driven adversary emulation; and adversarial assessment of internal LLM-powered products, agents, RAG pipelines, and ML applications, prompt injection, jailbreaks, model extraction and inversion, membership inference, data and supply-chain poisoning, evasion, and agent tool/sandbox abuse, validating that guardrails and classifiers actually hold.

Your first 6-12 months

  • First 90 days: ramp on the agent platform and the offensive service lines; deliver your first engagements (a penetration test and a purple-team exercise) and ship one improvement to the agentic tooling that you used during them.
  • By 6 months: ship at least one AI-driven tool that a service line adopts into its live workflow, with metrics showing coverage or turnaround gains; run a red-team operation end to end.
  • By 12 months: stand up repeatable adversarial testing for at least one of the enterprise's own AI systems; establish an evaluation approach that tracks your tooling's autonomous success against representative targets; become a go-to for both building and operating across the team.

Why this role, and why here

  • Build and operate (both, for real). Most offensive roles let you build or operate. This one is explicitly both: you ship the software and you run the engagements, so your tooling is shaped by someone who actually uses it.
  • A program that's already serious about AI. Fridays are dedicated to R&D. You'll have Hack The Box Pro Labs, all HTB role-based paths and certifications, discretionary certification funding, and conference/training budgets. You'll work alongside the Lead of our new AI & Offensive Tooling capability-contributing to the platform they own while running your own engagements.
  • Mission that matters. Offensive Security identifies weaknesses so the business can fix them before adversaries exploit them, protecting the data and care of millions of people. AI is entering both our adversaries' tradecraft and our own operations faster than traditional tooling keeps up; you help keep us ahead.

Use your skills to make an impact

What we're looking for

We're hiring for a genuinely hybrid skill set, real offensive operations and real AI engineering. You do not need to check every box below. We expect depth in one half and real credibility plus a desire to grow in the other, not day-one mastery of both. If you're a strong offensive operator who has built real AI tooling, or a strong AI/agent builder with serious hands-on offensive experience, we want to hear from you.

Required Qualifications:

  • Offensive operations experience: 4+ years in roles such as Red Team, Penetration Testing, Purple Team / control validation, or Bug Bounty, with a track record of delivering engagements end to end: scoping, execution, and clear written findings.
  • Production Python engineering: you build and operate real tooling, not only one-off scripts.
  • You've built with agentic AI: hands-on designing, building, or operating AI agents or LLM applications: agentic workflows, tool/function-calling, and orchestration. (We care about what you've shipped and operated, not years on a particular framework-these frameworks are only a few years old.)
  • You've attacked AI: hands-on testing of AI/ML systems: prompt injection, jailbreaking, and adversarial techniques.
  • Cloud fluency: production experience with at least one major Cloud Service Provider (AWS, GCP, or Azure).

Preferred Qualifications:

  • Built autonomous or semi-autonomous offensive agents, LLM-driven penetration-testing agents, or reinforcement-learning exploit and attack-path planners.
  • Red-team tradecraft: C2 frameworks (e.g. Cobalt Strike, Sliver, Mythic), evasion and OPSEC, and testing endpoints protected by modern EDR/XDR.
  • Purple-team and adversary-emulation fluency: MITRE ATT&CK, and platforms such as VECTR or Atomic Red Team.
  • Hands-on with AI red-teaming frameworks such as PyRIT or Garak, and fluent in MITRE ATLAS, the OWASP Top 10 for LLM Applications, and the NIST AI Risk Management Framework.
  • Model Context Protocol (MCP), building clients/servers, or testing them and RAG pipelines for tool/prompt-injection abuse.
  • Cloud penetration-testing depth or multi-cloud breadth; threat-intelligence-driven operations; depth in an advanced offensive specialty (malware development, advanced red-team operations, or adversarial ML research).
  • Published research, open-source contributions, or talks at DEF CON (incl. the AI Village / Generative Red Team), BSides, x33fcon, or Black Hat, or strong showings in AI-security competitions like HackAPrompt.
  • Certifications are a plus, not a gate, offensive (e.g. OSCP, OSEP, OSED, OSCE3, CRTO, CRTL, CPTS, CWES, CWEE, CAPE) and emerging AI-security (e.g. the OffSec AI Red Teamer (OSAI / AI-300), the SANS/GIAC AI security line, the HTB AI Red Teamer path).

How you'll work

You'll work with considerable autonomy on moderately complex engagements and influence the team's technical direction through your expertise. You'll embed with each service line and the AI & Tooling Lead rather than build in isolation; ship software with engineering rigor (reproducibility, evaluation, safety guardrails, human-in-the-loop where offensive operations demand it); deliver findings and tooling with reproduction steps, severity, business impact, and remediation; track risk in the enterprise risk platform; and operate within the organization's acceptable-use-of-AI policies and offensive security rules of engagement.

Work at Home Requirements To ensure Home or Hybrid Home/Office employees' ability to work effectively, the self-provided internet service of Home or Hybrid Home/Office employees must meet the following criteria: At minimum, a download speed of 25 Mbps and an upload speed of 10 Mbps is required; wireless, wired cable or DSL connection is suggested. In certain roles, the minimum recommended internet speed required by Humana may not be sufficient for business needs. Humana reserves the right to require associates to upgrade their internet service if necessary. Work from a dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information. Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.

Scheduled Weekly Hours

40

Pay Range

The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.


$117,600 - $161,700 per year


This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.

Description of Benefits

Humana, Inc. and its affiliated subsidiaries (collectively, "Humana") offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.
About us
About Humana: Humana Inc. (NYSE: HUM) is a leading U.S. healthcare company. Through our Humana insurance services and our CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health - delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare and Medicaid, families, individuals, military service personnel, and communities at large. Learn more about what we offer atHumana.comand atCenterWell.com.


Equal Opportunity Employer

It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.


What Humana employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Humana logo

About Humana

Sourced by ZipRecruiter

Humana Inc., headquartered in Louisville, KY., is a leading health care company that offers a wide range of insurance products and health and wellness services that incorporate an integrated approach to lifelong well-being. By leveraging the strengths of its core businesses, Humana believes it can better explore opportunities for existing and emerging adjacencies in health care that can further enhance wellness opportunities for the millions of people across the nation with whom the company has relationships.

Industry

Health care and social assistance

Company size

10,000+ Employees

Headquarters location

Louisville, KY, US

Year founded

1961

Social media