Back to search
Edward Jones Linkedin · Posted 1mo ago

Threat Emulation Engineer IV

St Louis

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

This job posting is anticipated to remain open for 30 days, from 13-Jul-2026. The posting may close early due to the volume of applicants.

Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we’re proud to be privately-owned, placing the focus on our clients rather than shareholder returns.

Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging.

People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career.

View our Purpose, Inclusion and Citizenship Report.

¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating.

Team Overview

A Threat Emulation Engineer is an introductory role to Red Teams focused on developing foundational skills in adversary tradecraft replication and assessment execution. Engineers at this level work within clearly defined scope and are supported through structured review, feedback, and mentorship. The role is designed as an entry point into Threat Emulation for individuals with experience in related technical fields. No prior Red Team or offensive security experience is required.

What You Will Do

  • The primary focus of the position is Threat Detection Assessments (TDAs). These are collaborative engagements where the team tests whether the organization's defenses can identify specific adversary techniques. Engineers research how adversaries carry out specific techniques, then build and run tests that replicate those techniques in a controlled environment. They document what they built, how they ran it, and what the organization's defenses did in response.
  • Day-to-day work includes reading technical research on adversary techniques, reproducing those techniques in a test environment, writing the tools or scripts needed to run each test, executing tests alongside partner teams, and documenting the results. Engineers own the quality of their work products. All work is reviewed by senior engineers before use, but the author is responsible for iterating and improving based on that feedback.
  • Engineers also shadow and support the team's other services under senior guidance. Threat Response Exercises (TRXs) are collaborative engagements where partner teams rehearse incident response. Threat Emulation Operations (TEOs) are unannounced campaigns that test the organization's overall readiness. Exposure to both builds the context needed for advancement.

How You Will Grow

  • Growth at the level is structured around mentorship and increasing independence. Senior engineers define scope, assign work, and provide feedback. Over time, engineers take on broader assignments and work more independently as their skills develop.
  • Review is treated as a learning mechanism rather than a gatekeeping process. Senior engineers identify strengths and areas for growth, and build on those strengths while developing in weaker areas. The goal is to develop an adversary mindset, meaning the ability to think about systems from an attacker's perspective and apply that thinking to realistic test scenarios.
  • Advancement is based on demonstrated capability, not time in grade. The signals that define readiness include the ability to independently research and replicate adversary techniques, clearly document findings, and represent the team to partner functions with confidence. Performance is measured by growth toward these capabilities rather than output volume.

Collaboration

  • The Threat Emulation team works closely with Threat Intelligence, Threat Response, and Threat Detection as part of an integrated threat management model. Engineers interact with these partner teams during assessments and exercises, explaining what they tested and coordinating during execution.
  • Engineers are expected to present their work to peers and partner teams, ask questions when concepts are unclear, and respond constructively to feedback. They are not expected to drive cross-team processes independently. When coordination needs go beyond explanation or learning, engineers escalate to more experienced team members.

What Experience You'll Need

  • Formal education in computer science, engineering, information security, or a related technical field may be helpful, but is not required. Equivalent experience gained through professional work, independent study, home lab environments, research projects, or other hands-on technical learning is equally valued.
  • 7 years of experience in security operations, IT, systems administration, software engineering, penetration testing, academic study, self-directed learning, or other technical backgrounds.
  • Operating system fundamentals, such as process execution, authentication, privilege models, and system events.
  • Basic networking concepts, including common protocols and client-server interactions.
  • Familiarity with scripting or programming in at least one language.
  • Exposure to command-line tools and system administration tasks.
  • Understanding of basic security concepts, including access control, logging, and common attack patterns.
  • Candidates should demonstrate the ability to learn independently and engage with unfamiliar technical material. This includes:
    • Reading and understanding technical documentation, research write-ups, or adversary tradecraft reports.
    • Reproducing described behavior in a lab or test environment.
    • Documenting findings clearly in writing, with attention to technical detail and accuracy.
  • Experience producing written technical material is a strong signal. This can include reports, documentation, blogs, capture-the-flag write-ups, or project notes. Interest in adversary tradecraft, capture-the-flag competitions, Hack The Box, or similar platforms is a positive indicator.
  • Candidates should be comfortable explaining technical concepts to others and engaging in constructive discussion. This includes:
    • Asking questions when concepts are unclear.
    • Accepting feedback and incorporating it into subsequent work.
    • Explaining their approach and findings, both in writing and verbally.
  • Prior experience working in team-based technical environments is beneficial but not required.
  • Candidates that live within a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office four days per week.**
At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received.

Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones

Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones

Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law.

Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act. Edward Jones is prohibited from hiring individuals with certain specified criminal history as set forth in Section 3(a)(39) and 15(b)(4) and Rule 17a-3(a)(12) of the Securities and Exchange Act of 1934, and conducts background reviews consistent with FINRA Rule 3110(e). A copy of a notice regarding the provisions of the Los Angeles County Fair Chance Ordinance is available at: dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf.

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent