Senior Security Engineer - Red Team Job in New York

1814 IT & Software Developer jobs in the US

Company Size

1k-5k

Company Type

Product

Exp Level

Senior

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

- Over 5 years of experience using industry-standard penetration testing and adversary emulation tools (e.g., Cobalt Strike, Sliver, Mythic, Bloodhound, Burp Suite) - In-depth knowledge of the MITRE ATT&CK Framework and advanced evasion techniques to circumvent modern security measures - Strong understanding of the cyber kill chain and the entire lifecycle of an Advanced Persistent Threat (APT) focusing on financial institutions - Proficient in at least one scripting language (e.g., Python, PowerShell) and familiar with a compiled language (e.g., Go, C#) for tool development - Extensive experience in attacking and securing complex cloud, on-premises, and hybrid environments from initial access through execution of objectives - Solid grasp of Windows and Linux system hardening practices, Purple Team automation approaches, and vulnerability assessment techniques - Documented experience with security strategies within at least one major cloud provider (e.g., AWS, Azure, Google Cloud Platform) - Previous hands-on experience in conducting sophisticated adversary emulations/simulations within the financial services sector - A recognized offensive security certification (e.g., OSCP, GPEN, GXPN, OSWE, eCPTX) demonstrating specialized skills - Familiarity with modern enterprise security standards and frameworks (e.g., TIBER-EU, CBEST, NIST CSF) - Experience in offensive security exercises targeting emerging technologies such as AI/ML systems or macOS.

Technologies

Responsibilities

- Conduct high-impact Red Team exercises against our sophisticated hybrid cloud environments, informed by real-world threat intelligence and the MITRE ATT&CK Framework - Develop and sustain resilient Red and Purple Team infrastructure, continually enhancing efficiency through process automation - Co-design and lead collaborative Purple Team exercises, partnering with cyber defense teams to enhance detection and response capabilities - Innovate by researching new offensive security techniques and facilitate knowledge sharing within the security organization - Execute specialized, ad-hoc offensive security tests using top-tier and internally developed tools to identify subtle security vulnerabilities - Create detailed post-exercise reports that include comprehensive technical findings, breach narratives, and strategic remediation recommendations - Guide cyber defense teams during incident investigations, providing critical expertise on attacker methodologies and mindset - Promote security awareness and the exchange of technical knowledge by collaborating with information security, technology, and business stakeholders.

Description

CME Group is a leading derivatives marketplace where we prioritize continuous learning and career development within a diverse and inclusive global team. Our employees benefit from a competitive salary and a comprehensive benefits package, which includes health coverage, retirement plans, education reimbursement, paid time off, and mental health support. As part of our Offensive Security team, you will play a pivotal role in strengthening our cybersecurity measures while being surrounded by expert professionals dedicated to making an impact in the financial infrastructure. We are located in a dynamic environment that supports both personal and professional growth.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the USSecurity Engineer jobs in the USSecurity Engineer jobs New York City, NY

You can find Cyber Security Engineer salaries in the United States here.

How many Cyber Security Engineer jobs are in the United States?

Currently, there are 1814 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.

Is the US a good place for Cyber Security Engineers?

The US is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Cyber Security Engineer jobs in the United States?

Snaplii, Levven Electronics Ltd., ScaleMyMealPrep, Confidential, DataAnnotation, Optimum, SPR among others, are currently hiring for Security roles in the United States.

The company with most openings is Jobot as they are hiring for 126 different Cyber Security Engineer jobs in the United States. They are probably quite committed to find good Cyber Security Engineers.