Lead Offensive Security Engineer

We are looking for an Offensive Security Lead Engineer who will serve as both a senior technical leader and a mentor to execute day-to-day activities, as well as have the ability to jump in if needed. This role leads and mentors the Offensive Team and elevates our offensive security program to a world‑class level. The ideal candidate has deep hands‑on offensive security experience (red teaming, penetration testing, adversary simulation, vulnerability management, threat intelligence), but is equally strong at coaching, setting technical direction, and turning findings into measurable risk reduction. This leader will tactically help execute our offensive security vision and strategy, partner closely with defensive and engineering teams, and help build a scalable, threat‑informed offensive security capability, and not just run tests.

Responsibilities:

• Lead and mentor the Offensive Security team to fulfill tactical initiatives to foster a culture of innovation and continuous improvement.

• Oversee vulnerability management programs, including scanning, prioritization, and remediation tracking.

• Conduct advanced threat hunting to identify and analyze emerging threats and adversary behaviors.

• Manage and operationalize threat intelligence, including zero-day vulnerabilities and exploit research.

• Plan and execute Red Team, Blue Team, and Purple Team exercises to assess and strengthen organizational defenses.

• Lead penetration testing engagements, including scoping, execution, reporting, and remediation follow-up.

• Develop and track offensive security metrics to measure program effectiveness and risk reduction.

• Collaborate with Defensive Security, IT, and engineering teams to share findings and drive remediation.

• Stay current with the latest offensive security tools, tactics, and techniques.

• Prepare and present offensive security reports and metrics to senior management.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).

• 5+ years of experience in offensive security, including vulnerability management, threat hunting, and penetration testing.

• Strong knowledge of security frameworks (MITRE ATT&CK, NIST, CIS, etc.).

• Hands-on experience with offensive security tools (e.g., Metasploit, Cobalt Strike, Burp Suite, Nmap, etc.).

• Experience with scripting and automation (Python, PowerShell, Bash, etc.).

• Deep hands‑on offensive security experience, including red teaming, penetration testing, adversary simulation, vulnerability management, and threat intelligence.

• Proven ability to lead and mentor an offensive security team, with a strong focus on growing analysts' technical skills and careers.

• Experience acting as a senior technical leader who sets direction, standards, and priorities-not just an individual contributor.

• Demonstrated strength in coaching, guidance, and mentoring.

• Ability to translate offensive security findings into measurable risk reduction and actionable outcomes.

• Strong understanding of threat‑informed offensive security practices.

• Experience executing and operationalizing an offensive security vision and strategy

• Proven ability to partner closely with defensive security and engineering teams to improve overall security posture.

• Mindset focused on building a scalable, mature, world‑class offensive security capability, not just running tests.

Nice‑to‑Have Skills:

• Prior experience building or scaling a Red Team or Offensive Security program.

• Experience with Purple Teaming and measuring defensive effectiveness over time.

• Offensive security certifications (OSCP, OSCE, GIAC, or similar).

• Scripting or automation experience (Python, PowerShell, Bash).

• Experience in presenting results and program outcomes to security leadership.

• Background in enterprise environments with complex technology stacks.

#Hybrid

#LI-AM1

This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at any time at the sole discretion of JM Family. All work arrangements are subject to associate performance, business need and manager discretion, and may be revised as necessary.

JM FAMILY IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYER

JM Family Enterprises, Inc. is an Equal Employment Opportunity employer. We are committed to recruiting, hiring, retaining, and promoting qualified associates without regard to age, race, religion, color, gender, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity, gender expression, mental or physical disability, national origin, marital status, citizenship, military status, genetic information, veteran status, or any other characteristic protected by federal, state, provincial, or local law.

DISABILITY ACCOMMODATIONS

If you have a disability and require a reasonable accommodation to complete the job application process, please contact JM Family's Talent Acquisition department at talentacquisition@jmfamily.com for assistance. If you have an accommodation request for one of our recruiting events, please notify us at least 72 hours prior so that we may provide assistance.