×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant Security Manager Information Security

Cyber Security Offensive Security Engineer - Lead: Corporate Information Security

Job in Costa Mesa, Orange County, California, 92626, USA
Listing for: Hoag
Full Time position
Listed on 2026-02-23
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant, Security Manager, Information Security
Salary/Wage Range or Industry Benchmark: 120000 - 160000 USD Yearly USD 120000.00 160000.00 YEAR
Job Description & How to Apply Below

Cyber Security Offensive Security Engineer - Lead:
Corporate Information Security Job Description

The Lead Offensive Security Engineer leads the design, execution, and continuous improvement of Hoag's offensive security program. This role proactively identifies, validates, and assesses vulnerabilities by simulating advanced adversary tactics, techniques, and procedures (TTPs). Provides expert guidance and mentorship, ensuring the organization's security posture is rigorously tested against real-world threats and fully aligned with healthcare regulatory requirements.

  • Leads and conducts advanced, objective-based penetration tests and red team engagements against corporate networks, cloud environments (AWS/Azure), web applications, and mobile applications.
  • Designs and executes security assessments of critical healthcare infrastructure, including the Internet of Medical Things (IoMT), operational technology (OT), and other clinical systems, to identify vulnerabilities affecting patient care and data integrity.
  • Performs targeted social engineering (phishing, vishing, physical) simulations to test and improve human- and process-level security controls.
  • Develops and maintains a modern offensive security toolset; automates engagement tasks and TTP simulation using scripting (Python, Power Shell, etc.).
  • Partners with defensive (Blue Team) and engineering teams to conduct 'Purple Team' exercises, testing and enhancing the effectiveness of defensive controls (SIEM, EDR, CASB).
  • Develops detailed, high-quality reports with actionable remediation recommendations and presents findings to both technical and executive leadership.
  • Mentors junior engineers and provides offensive security subject matter expertise across the organization.
  • Continuously researches emerging adversary TTPs, new vulnerabilities, and exploitation techniques, integrating this intelligence into the testing methodology.
  • Provides technical validation for compliance and risk management (HIPAA, NIST, CIS), demonstrating the real-world impact of identified risks.
  • Assist with advanced incident response and forensic investigations by providing an attacker's perspective and root cause analysis.
Qualifications

Qualifications

Education and Experience

  • Bachelor’s degree in Cyber Security, Computer Science, Computer Information Systems, or related technical field, or equivalent work experience.
  • 5+ years’ experience in a dedicated Offensive Security role (e.g., Penetration Tester, Red Team Operator, Security Consultant).
  • Expert-level understanding of network protocols, cryptography, application security (OWASP Top 10), and common attack frameworks (MITRE ATT&CK).
  • Advanced knowledge of Windows, Linux, and cloud platform (AWS, Azure) exploitation, configuration, and hardening.
  • Proven experience with common penetration testing tools (e.g., Burp Suite, Cobalt Strike, Metasploit, Nmap) and custom script/tool development.
  • Strong understanding of regulatory frameworks (HIPAA, NIST, CIS) and their application to offensive security.
  • Excellent communication and report-writing skills, with the ability to articulate complex technical vulnerabilities to diverse audiences.

Experience assessing specialized systems (e.g., IoMT, OT, embedded devices) is preferred.

Certifications Preferred:

  • OSCP (Offensive Security Certified Professional) , CPTS (Certified Penetration Testing Specialist)
  • OSWE (Offensive Security Web Expert), CWEE (Certified Web Exploitation Expert)
  • OSEP (Offensive Security Experienced Penetration Tester)
  • Other advanced, hands-on offensive certifications (e.g., CAPE, OSED, OSEE)
About Us

Hoag Memorial Hospital Presbyterian is a nonprofit regional health care delivery network in Orange County, California, consisting of three acute-care hospitals with sixteen urgent care centers, eleven health centers and a network of more than1,800 physicians, 100 allied health members, 8,000 employees, and 2,000 volunteers. More than 30,000 inpatients and 550,000 outpatients choose Hoag each year.

For over 70 years, Hoag has delivered a level of personalized care that is unsurpassed among Orange County’s health care providers. Since 1952, Hoag has served the local communities and continues its…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search