JOBSEARCHER

Offensive Security Engineer

ARCHIVED

We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.

BenefitsCompetitive compensationMedical, dental, and vision insurance401(k) retirement savings plan with substantial company matchLife and travel insuranceTuition assistanceWellness reimbursement programPaid holidays and vacationWhat is an Offensive Security Engineer? We are seeking a diligent and experienced Offensive Security Engineer to join our team. In this role, you will be working within a group of highly motivated Information Technology and Cybersecurity professionals committed to keeping Central Hudson safe. The Offensive Security Engineer is responsible for conducting intelligence‑led threat emulation and purple team exercises to simulate real‑world adversaries, validate detection and response capabilities, and identify security control gaps. This role partners closely with the SOC, threat intelligence, detection engineering, and infrastructure teams to continuously validate detections, assess control effectiveness, and drive measurable improvements across the detection‑to‑remediation lifecycle. The ideal candidate has a strong understanding of modern security principles, offensive security techniques, and attacker methodologies, along with excellent analytical skills and the ability to clearly communicate technical findings and risk to both technical and non‑technical stakeholders.What does an Offensive Security Engineer do? Conducts targeted offensive testing activities in support of threat emulation and detection validation across networks, applications, cloud environments, and endpointsExecutes intelligence‑driven threat emulation exercises that replicate real‑world adversaries, campaigns, and tactics, techniques, and procedures (TTPs)Performs vulnerability remediation testing to validate the effectiveness of fixes and compensating controlsMaps emulated activity to MITRE ATT&CK techniques and track detection coverage and gapsDevelops and maintains custom tools, scripts, and payloads to support testing activitiesSafely exercises adversary techniques to evaluate the effectiveness of security controls and detectionsPartners with blue team, SOC, and engineering teams to test detection and response capabilitiesImplements, maintains, and enhances red team tooling and infrastructure to support penetration testing, adversary emulation, and purple team exercisesLeads and executes purple team exercises in close coordination with the SOC and Blue Team, sharing findings, techniques, and actionable recommendations to strengthen detection, response, and recovery capabilitiesAssists in tuning and validating security controls, alerts, analytics, and incident response playbooks based on threat emulation outcomesValidates security detections across SIEM, EDR, identity, and cloud platforms using repeatable and measurable testing scenariosProduces clear, actionable reports detailing emulated adversary behavior, detection gaps, response gaps, and prioritized remediation guidancePresents results to technical teams and leadership, translating technical risk into business termsTracks remediation progress and re-test identified issuesStays current on emerging threats, adversary techniques, and offensive security toolingContributes to the development of red team methodologies, frameworks, and documentationSupports threat intelligence–driven testing aligned with real-world attack trendsConsumes and operationalizes threat intelligence to inform adversary selection, scenario design, and testing prioritiesPromotes and raises awareness by educating others about the importance of cybersecurity Builds relationships with government and local agencies to promote collaborative information sharingStays updated with the latest cybersecurity trends, threats, and technologiesParticipates in on-call as needed to respond to security incidents outside of regular working hoursProvides support for storm restoration effortsWhat does it take to be an Offensive Security Engineer?RequiredBachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field of study. In lieu of a bachelor’s degree, an associate degree in the aforementioned fields and 3 years of information security engineering or related experience or a high school diploma or equivalency degree and 5 years of information security engineering or related experience will be consideredStrong knowledge of network, application, and cloud security, including operating systems (Windows and Linux)Working knowledge of common offensive security tools, including but not limited to:Metasploit, Cobalt Strike (or equivalents), Burp Suite, Nmap, BloodHound, and CrackMapExecKnowledge of vulnerability remediation testing and validating the effectiveness of security controlsDemonstrated experience collaborating closely with SOC or Blue Team functions to improve detection and incident response maturityAbility to develop scripts or tools using Python, PowerShell, Bash, or C#Solid understanding of security operations and detection technologies, including SIEM, EDR, IDS/IPS, and endpoint protection, to support adversary‑emulation and purple‑team activitiesFamiliarity with industry security frameworks and methodologies, such as:MITRE ATT&CKNIST 800‑61 (Incident Response)SANS / CIS Critical Security ControlsStrong analytical and problem‑solving skills with the ability to assess complex security issuesExcellent written and verbal communication skills, including the ability to clearly document findings and communicate risk to both technical and non‑technical audiencesAbility to work independently with minimal supervision and respond professionally to constructive feedbackAbility to work nights, weekends, holidays during a critical cyber incident or eventValid driver’s licensePreferred3+ years of hands-on experience performing offensive security activities such as penetration testing, detection validation, adversary emulation, red teaming, or exploitation of applications, networks, and cloud environmentsFamiliarity with evaluating security controls and risk exposure through an attacker’s lens, including validation of compensating controls and secure design assumptionsExperience identifying security weaknesses through threat modeling, attack simulations, and exploitation, with the ability to translate findings into actionable remediation guidanceExperience in Energy & Utilities or services industryRelevant certifications such CISSP, CEH, GPEN, GCIH, OSCP, OSWE, or similar offensive security focused credentialsApplications will be accepted until July 9, 2026.This position has a career path which allows for advancement opportunities within the Information Security Analyst job series. The title and level are commensurate with experience. Pay range: $73,000 - $171,300Please go to https://www.cenhud.com/employment. Click the “Search Career Opportunities” button. Follow the directions to submit an application and upload your resume for the desired position.Applications sent via e-mail and US Mail will not be accepted. No phone calls or agencies, please. All replies will be held in strict confidence.All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, creed, color, ethnicity, arrest or conviction record, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, citizenship, genetic information, familial status, marital status, pregnancy-related condition, domestic violence victim status, veteran or military status, or any other characteristic protected by federal, state or local laws. Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance employment in individuals who are protected veterans and individuals with disabilities.VEVRAA FEDERAL CONTRACTOR