Procter & Gamble · 1 week ago
Senior Offensive Security Engineer, Red Team
Cincinnati, OH
Full-time
Onsite
Mid, Senior Level
$110K/yr - $165K/yr
5+ years expProcter & Gamble is a leader in consumer goods, integrating technology and innovation to serve over 5 billion consumers worldwide. The Senior Offensive Security Engineer will lead red team operations, focusing on simulating advanced cyber threats to enhance security measures across the organization.
BeautyBrand MarketingCleaning ProductsConsumer GoodsCosmeticsNutritionPersonal Health
No H1B
U.S. Citizen Only
Responsibilities
Lead end-to-end red team operations aligned to priority threat actors: scenario design, ROE, pre-briefs, execution, and hot-wash/AAR
Support purple-team engagements with DFIR/SOC and Detection Engineering to convert TTPs into durable detections, runbooks, and response improvements with measurable outcomes
Orchestrate assumed-breach campaigns emphasizing evasion and control bypass (EDR/AV, email/web security, identity/conditional access, network segmentation, cloud guardrails)
Perform campaign/TTP research, develop internal PoCs/tooling (e.g., tradecraft to exercise specific controls, lightweight payloads), and steward OPSEC
Produce executive-ready risk narratives and technical reporting (ATT&CK mapping, artifacts, evidence handling) and brief senior leadership
Mentor junior engineers; set standards for craft quality, methodology, and safety
Coordinate multi-party/third-party exercises; manage risk, deconflict with production, and ensure stakeholder alignment
Contribute to operational expansion by researching, prototyping, and developing novel capabilities for offensive use
Contribute to program maturity: metrics/KPIs, roadmap, methodology standardization, control validation cadence, and integration with vulnerability management
Qualification
Required
BA or BS degree in Information Security, Cyber Security, Computer Science, or related field (OR 7+ years of relevant experience required in lieu of a degree)
5+ years running offensive or emulation operations in large/complex environments, with demonstrated impact on detections/response
Expertise across 2+ domains: enterprise/web/mobile apps; identity; cloud (AWS/GCP/Azure); network/endpoint; IoT/OT; or directory services
Proven ability to bypass preventative/detective controls and reach mission objectives while maintaining safety and ROE
Strong engineering skills (Python, PowerShell, GO, C++, Web Frameworks); comfort with low-level concepts a plus) and familiarity with C2 tradecraft
Deep command of MITRE ATT&CK and threat-informed defense; history partnering with DFIR/SOC and Detection Engineering
Excellent executive and technical communication
Ability to work in Cincinnati, Ohio based office 3 days per week
Preferred
Leadership of purple-team campaigns and incident-driven emulations; closed-loop improvements with measurable KPI movement
Building program metrics/KPIs, standardizing reporting, and integrating with risk governance
Threat-intel integration: actor/campaign analysis, hypothesis generation, and prioritization tied to business impact
Identity and cloud attack paths (SSO, MFA, OAuth, PAM; AWS/GCP/Azure control planes) with hardening collaboration across platform/IDAM teams
Coordinating large third-party exercises and setting complex ROE
Benefits
Salary + bonus (if applicable) + benefits
Company
Procter & Gamble
P&G was founded more than 185 years ago as a soap and candle company.
10001+ employees
Funding
Current Stage
Public CompanyTotal Funding
$2.75B2025-05-01Post Ipo Debt· $1.25B
2024-05-02Post Ipo Debt· $1.5B
2021-04-18Undisclosed· $0.3M
Leadership Team
Jon Moeller
Chairman of the Board, President & Chief Executive Officer at Procter & Gamble
Mary Lynn Ferguson McHugh
Chief Executive Officer - Family Care and P&G Ventures
Recent News
Morningstar.com
2025-11-03
2025-08-18
Company data provided by crunchbase