Offensive Security Engineer (Horizon3. ai NodeZero)
Indexed description
This role is designed for a strategic technical professional who excels at bridging the gap between traditional offensive testing and managed defense, turning raw exploit data into actionable remediation roadmaps and verifying fix actions for our clients to help them reduce risk before attackers exploit them.
What You'll Do:
In this role, you will operate at the intersection of Foresite’s managed security expertise and Horizon3.ai’s autonomous testing technology. You will partner closely with our internal Blue Teams, SOC Analysts, and client IT leaders to identify vulnerabilities, map attack paths, and validate remediations. You will be measured on the successful management of client environments, the clarity of your remediation strategies, and measurable security posture improvements across our multi-tenant client base.
Platform Management & Orchestration
- Platform Management: Configure, deploy, and manage the Horizon3.ai NodeZero platform across diverse multi-tenant client environments, covering internal, external, cloud, and hybrid infrastructures.
- Testing Execution: Schedule and execute continuous or on-demand autonomous penetration tests based on client risk profiles, compliance mandates, or zero-day threats.
- Asset & License Registry: Manage licensing, concurrent testing allocations, and IP address allotments across the client tracking registry.
- Exploit Analysis: Analyze complex NodeZero testing outputs to differentiate between theoretical vulnerabilities and actual, exploitable attack vectors.
- Attack Path Mapping: Map active attack paths and context-poisoning vectors to help defensive teams isolate systemic security weaknesses.
- Post-Remediation Verification: Conduct post-remediation security validation testing to scientifically verify that security patches or configuration changes successfully closed the exploit path.
- Strategic Advisory: Translate highly technical attack data into clear, risk-prioritized remediation strategies for client IT and security leaders.
- Quarterly Business Reviews: Conduct strategic Quarterly Business Reviews (QBRs) to visually demonstrate client security posture improvements and measurable security outcomes over time.
- Compliance Deliverables: Produce compliance-ready penetration testing artifacts satisfying requirements for frameworks such as SOC 2, HIPAA, PCI-DSS, and ISO 27001.
- Defensive Tuning: Partner closely with internal Blue Teams and SOC Analysts to tune SIEM, EDR, and XDR alerting rules based on insights gained from NodeZero attack loops.
- Threat Modeling: Support threat modeling initiatives by analyzing automated attack chains and translating them into defensive playbooks.
- Experienced Pro: You have 3–5 years of experience in cybersecurity, with at least 2 years working within an MSSP, SOC, or offensive security consulting team.
- Offensive Security Savvy: You have a deep understanding of penetration testing methodologies, the MITRE ATT&CK framework, and common network/cloud lateral movement techniques.
- Platform Expertise: Proven hands-on experience with Horizon3.ai NodeZero (certification or accreditation under the Horizon3.ai Vanguard Partner Program is a major plus).
- Technical Navigator: You possess a strong grasp of enterprise networking (VLANs, firewalls, routing) and hybrid cloud architectures (AWS, Azure, GCP).
- Collaborative Communicator: You have an exceptional ability to explain complex technical vulnerabilities and exploit chains to non-technical executive stakeholders.
- Education: Bachelor’s degree or equivalent practical experience.
- Preferred Certifications: Horizon3.ai NodeZero Certified Professional / Administrator, CEH (Certified Ethical Hacker), CompTIA PenTest+, or OSCP (Offensive Security Certified Professional).
- Growth Mindset: Deep knowledge of proactive security validation trends and the evolving automated penetration testing landscape.
What We Offer:
- Comprehensive Health & Wellness: Robust medical insurance options to keep you and your family healthy.
- Employer-Covered Insurance: We fully provide employer-paid Dental coverage, as well as Short-Term (STD) and Long-Term Disability (LTD).
- Generous Time Off: We believe in a true work-life balance. You’ll start with 3 weeks of paid vacation, plus additional sick leave and paid company holidays.
- Growth & Mentorship: Access to world-class training. We support your career trajectory, whether you’re looking to deepen your technical skills or move into leadership.
- Impactful Work: Help protect global clients using the latest AI-enhanced security tools and GCP native technologies.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search