Security Software Engineer - Red Team Pen Tester

Job Overview

Data Intelligence is seeking a seasoned Security Software Engineer — Red Team / Penetration Tester to join a hands‑on offensive security team supporting mission systems in the defense domain. This role is ideal for a pragmatic, technically deep engineer who blends software development, exploitation tooling, and operational red‑team experience to assess and harden complex enterprise and DoD environments.

• Plan and execute advanced penetration tests and red‑team engagements against enterprise, cloud, and mission systems (including VDI, virtualization stacks, network enclaves, identity systems, and web services).
• Design, develop, and maintain offensive tooling, exploit code, C2 components, and automation to support engagements.
• Conduct network, host, web application, cloud, and identity‑centric assessments (including REST/SOAP web services and modern auth protocols such as OAuth2/SAML/LDAP).
• Perform vulnerability discovery, exploit development, privilege escalation, lateral movement, persistence techniques, and post‑exploitation analysis.
• Use and extend common pentest frameworks and tools (Kali, Metasploit, Nmap, Cobalt Strike) and integrate custom scripts and modules.
• Evaluate and document attack paths, IM/SSO/MFA bypass scenarios, and misconfigurations across Microsoft Entra  (Azure AD), Active Directory, hybrid Microsoft 365 environments, and federation/SSO integrations.
• Test and evaluate network and security devices (Palo Alto, Cisco, Fire Power, IOS/ASA, Nexus) and virtualization/storage platforms (vCenter/vRealize/Horizon, Net App/ONTAP, Snap Mirror).
• Perform cloud security assessments (AWS, serverless, microservices) and audit cloud configurations and workloads.
• Produce clear, actionable deliverables: technical findings, exploit proofs‑of‑concept, attack narratives, remediation guidance, and executive summaries for stakeholders.
• Collaborate with blue teams, Dev Sec Ops , and engineering teams to validate fixes and drive continuous improvement.

Education: Bachelor’s degree in Computer Science, Engineering, Information Security, or equivalent experience preferred.

Experience: Minimum 5 years of software engineering applied to program development, modeling, or simulation for DoD or IT systems and a minimum 5 years hands‑on experience with:

• Linux: firm grasp / demonstrated knowledge (training such as CompTIA Linux+ or FedVTE Linux+ preferred).
• Windows & enterprise networks: foundational understanding of Windows enterprise administration (relevant Microsoft coursework/certification experience preferred).

Offensive tooling & techniques:
Strong working knowledge and practical use of Kali, Metasploit, Nmap, Cobalt Strike.

Documented operational experience in at least one of the following:

Minimum certification: Must hold one of the following (or equivalent, current):

• Offensive Security: OSCP, OSCE, OSEE, OSWP
• SANS: GPEN (SEC
  560), GWAPT (SEC
  542), SEC
  660, GXPN, SEC
  642, SEC
  564

Operational tools/platform familiarity: experience with virtualization & VDI stacks (NSX, vCenter, vRealize, Horizon), network/security appliances (Palo Alto, Cisco), storage platforms (Net App/ONTAP), and virtualization/cloud (VMware, AWS).

Identity & automation: demonstrable experience with Active Directory, Microsoft Entra  (Azure AD), SSO/MFA, identity federation, and automation using Power Shell / Power Automate / Logic Apps / Graph API.

Clearance: Current Top Secret Security Clearance

• Prior experience conducting Red Team operations in an MDE (Managed Detection & Response / Microsoft Defender for Endpoint) environment.
• Experience with cloud audit, serverless, microservice architectures and security.
• Prior development of offensive tooling, exploit chains, or C2…