Senior Adversary Ops Engineer - Pen Testing & Purple Team

We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time.

The Senior Adversary Operations Engineer plays a critical role in strengthening the organization’s security posture by executing advanced penetration testing and adversary simulation activities that uncover high‑risk vulnerabilities across enterprise, cloud, identity, API, and application environments. This role operates with a high degree of autonomy, leading engagements end‑to‑end from scoping through execution, reporting, and remediation guidance while maintaining a strong focus on real‑world exploitability and business impact.

By developing and chaining sophisticated attack paths, the engineer delivers clear, actionable insights that enable leadership to make informed, risk‑based decisions and prioritize remediation aligned to business objectives.

Beyond identifying weaknesses, this role directly improves the organization’s detection and response capabilities. Through close collaboration with detection engineering, SOC, and incident response teams, the Senior Adversary Operations Engineer translates offensive findings into measurable defensive enhancements, including improved telemetry, alerting, and response workflows. Leveraging threat intelligence and continuously refining adversary tradecraft, the role ensures testing remains aligned with evolving attacker behavior while supporting incident investigations and post‑event analysis contributing to a more resilient, intelligence‑driven security program.

• Conduct internal and external penetration tests to identify and exploit vulnerabilities.
• Develop and execute adversary emulation scenarios to assess the effectiveness of the organization’s detection and response capabilities.
• Utilize and maintain a comprehensive suite of penetration testing tools, including Kali Linux, Metasploit, Nmap, and custom scripts.
• Create detailed reports with findings and actionable recommendations for remediation.

• Work closely with blue teams to design and execute purple team exercises that bridge offensive and defensive security efforts.
• Provide actionable insights to improve security monitoring, alerting, and incident response based on penetration testing results.
• Facilitate knowledge-sharing sessions to upskill internal teams on adversary tactics, techniques, and procedures (TTPs).

• Contribute to the development of a comprehensive adversary operations strategy aligned with organizational risk management goals.
• Provide executive leadership with detailed reports on security gaps, risks, and the effectiveness of security controls.
• Prioritize remediation efforts based on risk impact and operational feasibility.

• Automate common penetration testing tasks using Python, Power Shell, or Bash scripting to increase efficiency.
• Contribute to the development of custom tools for red teaming and penetration testing.

• Assist the incident response team by providing adversary tactics insights during active investigations.
• Collaborate on developing threat-hunting use cases and refining detection capabilities based on attack simulations.

• 5+ years of hands‑on experience in penetration testing, red teaming, or offensive security.
• 3+ years of experience in Kali Linux, Metasploit, Nmap, Burp Suite, and/or other related tools.
• 3+ years of experience in scripting languages (Python, Power Shell, Bash, etc).
• 3+ years of experience with cloud security (AWS, Azure, GCP) and container security.

• Relevant certifications such as OSCP, OSCE, CISSP, CEH, or GPEN.
• Experience in managing or participating in purple team exercises.
• Familiarity…