Lead Offensive Security Engineer

4 weeks ago


Atlantic City, United States Veracity EngineeringAvance Consulting Full time

About the role:

We are looking for a highly skilled Offensive Security Engineer to join our growing cybersecurity team. This role is integral to executing sophisticated offensive security operations, including red teaming, penetration testing, and tailored cybersecurity exercises. As an Offensive Security Engineer, you will lead assessments that mimic real-world adversarial tactics, techniques, and procedures to identify vulnerabilities, improve defensive strategies, and strengthen our security posture.

This position offers a hybrid schedule. Ideal candidates must be local to the Atlantic City, NJ or DMV area.

Key Responsibilities:

  • Plan, design, and execute red team engagements, including adversary emulation, to assess the resilience of systems and processes.

  • Perform manual penetration testing on web applications, infrastructure, cloud services, and API’s utilizing creative and unconventional approaches to discover vulnerabilities.

  • Develop custom attack vectors and exploit vulnerabilities manually, emphasizing stealth and persistence to emulate real adversary behavior.

  • Lead cybersecurity exercises and create targeted attack scenarios to test response effectiveness.

  • Assess and prioritize risks based on manual testing outcomes, providing actionable remediation recommendations.

  • Collaborate with blue teams and stakeholders to refine detection, response, and prevention strategies.

  • Document technical findings in clear, concise reports and communicate results to both technical and non-technical audiences.

  • Continuously stay updated on the latest threats, vulnerabilities, and offensive security techniques.

  • Implement and maintain red team and penetration testing tools, ensuring they are effective, up-to-date, and properly configured for engagements.

Qualifications:

  • 10+ years of experience in cyber security, with at least 4 years in red teaming or adversary emulation required.

  • 5 years of experience may be substituted for the Bachelor's degree.

  • A Master’s or MBA may be substituted for a Bachelor's degree and 3 years of experience.

  • A PhD in a related field may be substituted for Bachelor's degree and 7 years of experience.

  • At least one of the following offensive security certifications such as OSCP, OSCE, OSEP, OSWE, CRTO, CRTP, GPEN, GXPN, or BSCP.

Required Skills:

  • Proven ability to emulate adversary tactics, techniques, and procedures (TTPs) without relying heavily on automated tools.

  • Strong experience in manual penetration testing, focusing on identifying business logic flaws, misconfigurations, and complex vulnerabilities.

  • Proficiency in using manual exploitation techniques to identify and leverage privilege escalation paths, lateral movement opportunities, and persistence mechanisms.

  • Solid understanding of internal network penetration techniques, Active Directory attacks, and techniques for evading defenses.

  • Understanding of Windows, Linux, and cloud infrastructure (e.g., AWS, Azure) from an attacker perspective.

  • Experience working in collaborative offensive-defensive engagements to improve detection and response.

  • Excellent technical writing and communication skills, with the ability to clearly present findings and articulate complex vulnerabilities.

  • Understanding of operational security (OPSEC) and evasion strategies to mimic advanced persistent threats.

  • Hold or be eligible to obtain a security clearance of SECRET or higher.

  • Familiarity with threat frameworks such as MITRE ATT&CK and proficiency in mapping TTPs to scenarios.

Preferred Skills:

  • Ability to develop custom exploits or modify existing ones to evade detection and achieve engagement goals.

  • Experience implementing C2 frameworks such as Cobalt Strike.

  • Advanced scripting knowledge (e.g., Python, PowerShell, Bash) for developing custom tools and payloads.

  • Experience with DevOps and CI/CD technologies.

  • Experience testing AI/ML systems, including LLMs.

  • Working knowledge of NIST, OMB, DOT, or FAA security requirements.



  • Atlantic City, United States Veracity Engineering Full time

    Lead Offensive Security EngineerFacility/Facilities: HybridVeracity Engineering is an industry leader in aviation engineering and management consulting. We apply proven principles and innovative approaches to solve tomorrow’s problems today. Since 2001, Veracity’s staff of experienced, passionate and creative professionals has provided our government and...


  • Atlantic City, United States Veracity Engineering Full time

    Job Title: Lead Offensive Security EngineerAbout the role:Veracity is looking for a highly skilled Offensive Security Engineer to join our growing cybersecurity team to support FAA in Atlantic City, NJ. This role is integral to executing sophisticated offensive security operations, including red teaming, penetration testing, and tailored cybersecurity...


  • Atlantic City, United States Veracity Engineering Full time

    Job Title: Lead Offensive Security EngineerAbout the role:Veracity is looking for a highly skilled Offensive Security Engineer to join our growing cybersecurity team. This role is integral to executing sophisticated offensive security operations, including red teaming, penetration testing, and tailored cybersecurity exercises. As an Offensive Security...


  • Salt Lake City, United States University of Utah Full time

    Verint Systems, Inc. Senior Offensive Security Specialist Salt Lake City, Utah Apply Now At Verint, we believe customer engagement is the core of every global brand. Our mission is to help organizations elevate Customer Experience (CX) and increase workforce productivity by delivering CX Automation. We hire innovators with the passion, creativity, and drive...


  • Kansas City, United States Konica Minolta Business Solutions Full time

    Overview The primary role of a Senior Offensive Security Consultant at Depth Security is to perform multidisciplinary assessment services as needed. Examples include Application Security Assessments against web apps, mobile apps, web services, and fat-client applications. Proficiency in delivering Network Vulnerability and Penetration Assessments both...


  • Jersey City, United States Staffworthy Full time

    About the job Application Offensive Security Consultant Experience level: Mid-senior Experience required: 6 Years Education level: Bachelors degree Job function: Information Technology Industry: Financial Services Total position: 1 Why you'll love this job:Being a member of the Application Security team, you will be part of the Technology Risk initiative to...


  • Jersey City, United States Resiliency Full time

    Job Summary Being a member of the Application Security team, you will be part of the Technology Risk initiative to support offensive security assessments on applications and provide SME guidance to key projects. The Application Offensive Security Consultant is responsible for providing technical direction and performing security assessment on applications....


  • Jersey City, United States KPG99 INC Full time

    Title: Application Offensive Security Consultant - Red TeamingDuration: 12 monthsVisa: USC/GC/GC-EADHybrid: Jersey City, NJ (Local to NJ Candidates, or nearby within 100 mi.)MUST HAVE RED TEAMING EXPERIENCE ALONG WITH MANUAL PENETRATION TESTING.Being a member of the Application Security team, you will be part of the Technology Risk initiative to support...


  • jersey city, United States KPG99 INC Full time

    Title: Application Offensive Security Consultant - Red TeamingDuration: 12 monthsVisa: USC/GC/GC-EADHybrid: Jersey City, NJ (Local to NJ Candidates, or nearby within 100 mi.)MUST HAVE RED TEAMING EXPERIENCE ALONG WITH MANUAL PENETRATION TESTING.Being a member of the Application Security team, you will be part of the Technology Risk initiative to support...


  • jersey city, United States KPG99 INC Full time

    Title: Application Offensive Security Consultant - Red TeamingDuration: 12 monthsVisa: USC/GC/GC-EADHybrid: Jersey City, NJ (Local to NJ Candidates, or nearby within 100 mi.)MUST HAVE RED TEAMING EXPERIENCE ALONG WITH MANUAL PENETRATION TESTING.Being a member of the Application Security team, you will be part of the Technology Risk initiative to support...


  • jersey city, United States Sharp Decisions Full time

    NO H1BsNO 3rd PARTIESMUST HAVE RED TEAMING EXPERIENCE ALONG WITH MANUAL PENETRATION TESTING.Being a member of the Application Security team, you will be part of the Technology Risk initiative to support offensive security assessments on applications and provide SME guidance to key projects.The Application Offensive Security Consultant is responsible for...


  • jersey city, United States Sharp Decisions Full time

    NO H1BsNO 3rd PARTIESMUST HAVE RED TEAMING EXPERIENCE ALONG WITH MANUAL PENETRATION TESTING.Being a member of the Application Security team, you will be part of the Technology Risk initiative to support offensive security assessments on applications and provide SME guidance to key projects.The Application Offensive Security Consultant is responsible for...


  • Jersey City, United States Sharp Decisions Full time

    NO H1BsNO 3rd PARTIESMUST HAVE RED TEAMING EXPERIENCE ALONG WITH MANUAL PENETRATION TESTING.Being a member of the Application Security team, you will be part of the Technology Risk initiative to support offensive security assessments on applications and provide SME guidance to key projects.The Application Offensive Security Consultant is responsible for...


  • Jersey City, United States Snapx Full time

    This role is Contract to Hire ! Notes from HM : Must have a good background in testing applications (Im not looking for a knowitall). Just a honest resume that reflects experience in application security testing and some red teaming. I knew it might be a process of patience in finding someone The ideal candidate would be someone who has been in...


  • Jersey City, United States Waterfall Technology Consulting Partners LLC Full time

    About the job Application Offensive Security Consultant - Temp to Perm - Jersey City, NJ WTCP is a dynamic and innovative staffing organization with a proven track record of success. We are dedicated to delivering results by connecting qualified industry professionals with suitable employment opportunities, facilitating a mutually beneficial relationship...


  • Jersey City, United States Sharp Decisions Full time

    Hybrid in Jersey City, NJ 2-3 days onsite. only on W2Applying for this role is straight forward Scroll down and click on Apply to be considered for this position.Minimum of 6 years of experience in penetration testingRed -Teaming experienceMinimum of 4 years of experience in App PenTest tools such as Burp Suite, Owasp Zap Ability to explain vulnerabilities...


  • new york city, United States Eleven Recruiting Full time

    Job Overview: We are seeking a proactive and skilled Lead Cyber Security Engineer to join our expanding team. This role is ideal for someone with strong leadership attributes who can help build and enhance our Security Operations Center (SOC). You will play a critical role in developing processes, metrics, and integration strategies, focusing on blue team...


  • new york city, United States Eleven Recruiting Full time

    Job Overview: We are seeking a proactive and skilled Lead Cyber Security Engineer to join our expanding team. This role is ideal for someone with strong leadership attributes who can help build and enhance our Security Operations Center (SOC). You will play a critical role in developing processes, metrics, and integration strategies, focusing on blue team...


  • Park City, United States L3Harris Technologies Full time

    Job Title: Lead, Information Security Systems Engineering - NGJ Job Location: Salt Lake City-UT Job Code: 15816 Job Schedule: 9/80, every other Friday off Position Overview: This Subject Matter Expert will apply current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and...


  • Park City, United States L3Harris Technologies Full time

    Job Title: Lead, Information Security Systems Engineering - NGJ Is this the next step in your career Find out if you are the right candidate by reading through the complete overview below. Job Location: Salt Lake City-UT Job Code: 17546 Job Schedule: 9/80, every other Friday off Position Overview: This Subject Matter Expert will apply current systems...