More jobs:
Offensive Security Engineer; Red Team
Job in
Brooklyn, Cuyahoga County, Ohio, USA
Listed on 2026-01-10
Listing for:
KeyCorp
Full Time
position Listed on 2026-01-10
Job specializations:
-
IT/Tech
Cybersecurity, Security Manager
Job Description & How to Apply Below
Brooklyn, OHtime type:
Full time posted on:
Posted Todaytime left to apply:
End Date:
January 23, 2026 (14 days left to apply) job requisition :
R-35957
*
* Location:
** 4910 Tiedeman Road, Brooklyn Ohio Our Cyber Adversary and Exposure Mgmt. team rolls up into Key’s broader Cyber Defense function within Corporate Information Security. Cyber Defense’s mission is simple:
We aim to Deter, Detect, Deny, and Disrupt adversaries through proactive threat centric defense.
The Offensive Security Engineer is a key member of the Cyber Defense Cyber Adversary and Exposure Mgmt. team, responsible for simulating advanced persistent threats (APTs) and emulating real-world adversaries to assess and improve Key Bank’s detection, response, and resilience capabilities. This role goes beyond traditional red teaming and penetration testing by incorporating threat intelligence, custom tooling, and stealthy tradecraft to test the effectiveness of security controls and incident response processes.
The ideal candidate will have experience in adversary simulation, red teaming, and offensive security operations across hybrid environments (on-prem, cloud, and physical). This role requires strong technical acumen, creativity, and the ability to communicate complex findings to both technical and executive audiences.
** Key Responsibilities
*** Execute adversary emulation engagements using intelligence-driven threat scenarios aligned with frameworks such as MITRE ATT&CK.
* Conduct red team operations, including initial access, lateral movement, privilege escalation, and data exfiltration simulation.
* Conduct physical, external/internal, and wireless network assessments, as well as web and mobile application testing.
* Perform security assessments across cloud platforms (Google Cloud, Microsoft Azure, AWS) and embedded systems.
* Test threat actor emulation tools, tactics, and procedures for the Red Team to employ on-demand in assessments of application, system, and network security controls.
* Employ these tools and techniques in the Key Bank environment with minimal supervision.
* Partner with the Cyber Threat Intelligence team to ensure Red Team capabilities and tactics accurately reflect the current threat landscape.
* Consult with cross-functional teams during project testing phases and architectural design reviews to ensure appropriate security controls are in place to mitigate threats.
* Coordinate and monitor third-party penetration testing engagements, ensuring alignment with requirements, effective communication, and timely, accurate reporting.
* Generate and publish Red Team metrics and reporting to track program effectiveness and stakeholder visibility.
* Track remediation of findings to completion through coordination with application and technology system owners.
* Expand the team’s capabilities through:
- Creation of custom tools and automation frameworks.
- Research and development of novel offensive techniques and tradecraft.
- Incorporation of threat actor intelligence into emulation scenarios.
- Delivery of internal presentations and knowledge-sharing sessions.
* Collaborate with the Cyber Threat Intelligence team to translate real-world TTPs into emulation plans.
* Evaluate the effectiveness of detection and response capabilities across SOC, EDR, SIEM, and other security layers.
* Provide detailed post-mortem reports and executive briefings with prioritized recommendations.
* Partner with blue teams to conduct purple team exercises and improve detection engineering.
* Contribute to the continuous improvement of adversarial emulation methodologies, tooling, and documentation.
** Required Qualifications
*** Bachelor’s degree or equivalent work experience.
* 5+ years of experience in Red Team or Penetration Testing roles.
* Proficiency with Red Team tools and Command & Control (C2) frameworks.
* Strong scripting and programming skills in Power Shell, Python, JavaScript, Bash, Golang or similar languages.
* Deep understanding of Windows, Linux, Kali Linux, and macOS operating systems.
* Hands-on experience with one or more of the…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×