KeyBank · 1 day ago
Offensive Security Engineer (Red Team)
KeyBank is a financial services company focused on Cyber Defense through its Cyber Adversary and Exposure Management team. The Offensive Security Engineer will simulate advanced persistent threats and assess security controls, collaborating with various teams to enhance detection and response capabilities.
Banking
Responsibilities
Execute adversary emulation engagements using intelligence-driven threat scenarios aligned with frameworks such as MITRE ATT&CK
Conduct red team operations, including initial access, lateral movement, privilege escalation, and data exfiltration simulation
Conduct physical, external/internal, and wireless network assessments, as well as web and mobile application testing
Perform security assessments across cloud platforms (Google Cloud, Microsoft Azure, AWS) and embedded systems
Test threat actor emulation tools, tactics, and procedures for the Red Team to employ on-demand in assessments of application, system, and network security controls
Employ these tools and techniques in the KeyBank environment with minimal supervision
Partner with the Cyber Threat Intelligence team to ensure Red Team capabilities and tactics accurately reflect the current threat landscape
Consult with cross-functional teams during project testing phases and architectural design reviews to ensure appropriate security controls are in place to mitigate threats
Coordinate and monitor third-party penetration testing engagements, ensuring alignment with requirements, effective communication, and timely, accurate reporting
Generate and publish Red Team metrics and reporting to track program effectiveness and stakeholder visibility
Track remediation of findings to completion through coordination with application and technology system owners
Expand the team’s capabilities through:
Creation of custom tools and automation frameworks
Research and development of novel offensive techniques and tradecraft
Incorporation of threat actor intelligence into emulation scenarios
Delivery of internal presentations and knowledge-sharing sessions
Collaborate with the Cyber Threat Intelligence team to translate real-world TTPs into emulation plans
Evaluate the effectiveness of detection and response capabilities across SOC, EDR, SIEM, and other security layers
Provide detailed post-mortem reports and executive briefings with prioritized recommendations
Partner with blue teams to conduct purple team exercises and improve detection engineering
Contribute to the continuous improvement of adversarial emulation methodologies, tooling, and documentation
Qualifications
Required
Bachelor's degree or equivalent work experience
5+ years of experience in Red Team or Penetration Testing roles
Proficiency with Red Team tools and Command & Control (C2) frameworks
Strong scripting and programming skills in PowerShell, Python, JavaScript, Bash, Golang or similar languages
Deep understanding of Windows, Linux, Kali Linux, and macOS operating systems
Hands-on experience with one or more of the following: Google Cloud, Microsoft Azure, and AWS platforms
Advanced networking knowledge and experience with attack simulation
Familiarity with the MITRE ATT&CK framework and adversary TTPs
Deep understanding of one or more Penetration Testing Methodologies such as PTES, ISECOM, ISSAF, and OSSTMM
Strong research and reporting skills
Willingness to travel for on-site assessments
Preferred
Offensive Security Certified Professional (OSCP)
Offensive Security Certified Expert (OSCE)
Offensive Security Experienced Penetration Tester (OSEP)
Certified Red Team Professional (CRTP)
GIAC Penetration Tester (GPEN)
GIAC Web Application Penetration Tester (GWAPT)
CREST Registered Penetration Tester / CBEST Qualifications
Company
KeyBank
At KeyBank we’ve made a promise to our clients that they will always have a champion in us.
Funding
Current Stage
Late Stage