×
Register Here to Apply for Jobs or Post Jobs. X

Senior Engineer, Offensive Security

Job in Charlotte, Mecklenburg County, North Carolina, 28201, USA
Listing for: Humana Inc.
Full Time position
Listed on 2026-07-04
Job specializations:
  • IT/Tech
    AI Engineer (Applied/Software), Cybersecurity
Job Description & How to Apply Below
Become a part of our caring community

* Selected candidate must reside within approximately 60 minutes driving distance from one of the following locations: ((Louisville KY, NYC Metro, Dallas Metro, Charlotte NC Metro, South Florida(Tampa/Miami/Ft Lauderdale) , Washington DC metro, Chicago, Boston, Atlanta, Nashville))

We're building a new AI & Offensive Tooling capability inside our Offensive Security organization, and we're looking for a senior engineer who can both build it and use it. As Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you'll build the AI and agentic tooling that makes our offensive operations faster and broader, then prove it where it counts, on real penetration tests, purple-team exercises, and red-team operations.

You'll also bring that same offensive lens to the enterprise's own AI systems.

It's one loop: build the tooling, prove it on live engagements, feed what you learn back into the tooling. And it's a rare chance to do that hands-on inside a program that helps protect the health data of millions of people.

What you'll do

One integrated mission, four ways it shows up:

Build agentic offensive tooling. Write production-quality software and AI agents, LLM-driven planning loops, multi-agent orchestration, and tool/function-calling that drives real offensive tooling, and contribute to the in-house agent platform that powers our pentest and red-team operations. You'll operate this as a production, event-driven cloud platform at real scale (dozens of serverless functions, change-stream data pipelines, hundreds of operational alarms, integrated LLM inference), real software engineering, not proof-of-concept scripting.

Run penetration tests. Network, web-application, cloud, and infrastructure testing, recon through exploitation, privilege escalation, and lateral movement, accelerated by the tooling you build, with your own judgment owning scope and exploitability.

Run purple-team exercises. Validate security countermeasures (EDR/XDR, NDR, DLP, firewalls) with our defensive partners, then pair with detection engineering to close the gaps your attacks reveal.

Run red-team operations and test the enterprise's own AI. Objective-driven adversary emulation; and adversarial assessment of internal LLM-powered products, agents, RAG pipelines, and ML applications, prompt injection, jailbreaks, model extraction and inversion, membership inference, data and supply-chain poisoning, evasion, and agent tool/sandbox abuse, validating that guardrails and classifiers actually hold.

Your first 6-12 months

* First 90 days: ramp on the agent platform and the offensive service lines; deliver your first engagements (a penetration test and a purple-team exercise) and ship one improvement to the agentic tooling that you used during them.

* By 6 months: ship at least one AI-driven tool that a service line adopts into its live workflow, with metrics showing coverage or turnaround gains; run a red-team operation end to end.

* By 12 months: stand up repeatable adversarial testing for at least one of the enterprise's own AI systems; establish an evaluation approach that tracks your tooling's autonomous success against representative targets; become a go-to for both building and operating across the team.

Why this role, and why here

* Build and operate (both, for real). Most offensive roles let you build or operate. This one is explicitly both: you ship the software and you run the engagements, so your tooling is shaped by someone who actually uses it.

* A program that's already serious about AI. Fridays are dedicated to R&D. You'll have Hack The Box Pro Labs, all HTB role-based paths and certifications, discretionary certification funding, and conference/training budgets. You'll work alongside the Lead of our new AI & Offensive Tooling capability-contributing to the platform they own while running your own engagements.

* Mission that matters. Offensive Security identifies weaknesses so the business can fix them before adversaries exploit them, protecting the data and care of millions of people. AI is entering both our adversaries' tradecraft and our own operations faster than traditional tooling keeps up; you help keep us ahead.

Use your skills to make an impact

What we're looking for

We're hiring for a genuinely hybrid skill set, real offensive operations and real AI engineering. You do not need to check every box below. We expect depth in one half and real credibility plus a desire to grow in the other, not day-one mastery of both. If you're a strong offensive operator who has built real AI tooling, or a strong AI/agent builder with serious hands-on offensive experience, we want to hear from you.

Required Qualifications:

* Offensive operations experience: 4+ years in roles such as Red Team, Penetration Testing, Purple Team / control validation, or Bug Bounty, with a track record of delivering engagements end to end: scoping, execution, and clear written findings.

* Production Python engineering: you build and operate…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary