
Humana
about 9 hours ago

Become a part of our caring community and help us put health first
The Lead, Offensive Security, owns the strategic roadmap for the Breach and Attack Simulation (BAS) program. This role makes complex decisions across multiple service lines, influences cross-functional teams throughout the organization, and translates technical findings into business impact. You will shape the future of our BAS program while addressing problems of substantial scope and complexity.The Bigger Picture
Join a 100% remote, highly specialized offensive security team where you will have access to Hack The Box Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets. These resources will enable you to continuously advance your expertise while working on industry-leading BAS challenges at scale. You will be part of Cyber Threat Simulation (CTS), collaborating with Red Team, Penetration Testing, and Bug Bounty professionals—highly specialized experts who identify vulnerabilities so the business can address them proactively. Fridays are dedicated to research and development, allowing the team to pursue training in emerging offensive security technologies, tools, large language models (LLMs), artificial intelligence, and other relevant topics.
Mission & Impact
- Own the six-quarter roadmap to mature each BAS service line, including Threat Simulations, Pre-built Threat Simulations, Security Baselines, IOC Validation, and Synthetic Tests. Lead the expansion of our BAS platform across all cloud and on-premises segments, ensure seamless integration of reporting into our SOAR platform, and optimize the Findings-Analysis workstream to consistently deliver actionable insights with maximum efficiency.
- Your week will involve collaborating with the CTI team to discuss recent threat actor campaigns, working with SRE to address requirements for deploying simulators in additional Cloud Service Provider environments, and reviewing TTP playbooks for upcoming quarterly threat simulations. You will also identify TTPs not currently included in the platform that require custom test case development, and present threat simulation results to engineering teams and their leadership. You will work directly in the console and provide mentorship to engineers as they debug issues.
- Why it matters: BAS transforms security testing from point-in-time snapshots to continuous validation, ensuring that countermeasures are effective at scale before attackers have the opportunity to subvert them.
- Youll excel if you can manage multiple projects simultaneously, enjoy programming in Python, stay current with the latest TTPs and offensive security tooling, and turn we should test that into we already did, heres the evidence.
Key Responsibilities
- Program Strategy: Define the six-quarter plan across all BAS service lines, establishing KPIs and milestones while advising CTS leadership on functional strategies.
- Team Leadership: Oversee project plans and backlogs, identify budget opportunities, and coordinate with the Red Team, Endpoint Security Engineering, CTI, SIEM Engineering, CSOC, and various infrastructure teams. Mentor 1–3 BAS engineers, review all campaign outputs, and develop custom test cases to supplement the platform’s built-in library where needed.
- Platform Expansion: Plan simulator deployments for additional network segments, Cloud Service Providers, business subsidiaries, and on-premises data centers. Manage technical prerequisites and collaborate with systems owners to ensure the solution is operational and tests attack vectors relevant to their environment.
- Operations: Execute campaigns across all service lines, prioritize threat actors (e.g., APT41, DPRK, FIN7, Scattered Spider) based on available threat intelligence and business priorities, and identify tests to validate the effectiveness of security countermeasures (DLP, EDR, NDR, firewalls, etc.).
- Reporting: Deliver quarterly threat simulation reports, debrief system owners on campaign results, and provide OKR status and project completion metrics to leadership. Translate complex technical findings into actionable business insights.
Use your skills to make an impact
Minimum Qualifications
- Minimum 3 years of experience in offensive security roles such as Red Team, Penetration Testing, or Bug Bounty programs
- Intermediate to advanced proficiency in Python programming, or equivalent experience with interpreted languages such as PowerShell, Bash, or Ruby
- Demonstrated team-level leadership skills
- Experience with major Cloud Service Providers, including AWS, GCP, and Azure
- Proven ability to lead complex programs and mentor technical staff
- Experience utilizing Threat Intelligence to guide offensive security operations
- Experience testing endpoints protected by solutions such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne
- Interest in building and testing LLMs, machine learning models, AI infrastructure, MCP, and prompt engineering, with a focus on leveraging these technologies in offensive security operations
Preferred Qualifications
- Minimum 5 years of experience in any of the following areas:
- Malware development
- Advanced Red Team operations and threat simulation
- Threat hunting or digital forensics in enterprise environments
- Analyzing and gathering intelligence on threat actors and their TTPs
- Published speaking engagements at industry conferences such as DEF CON, BSIDES, x33fcon, Black Hat, etc.
- Relevant industry certifications, including but not limited to: OSCP, OSWE, OSED, OSCE3, CRTP, CRTE, CRTO, CRTL, CPTS, CBBH, CWEE, CAPE, MalDev Academy, OpenSecurityTraining2
- Experience with building and breaking LLMs, machine learning models, AI infrastructure, MCP, prompt engineering, and applying these technologies to offensive security operations
Remote/WAH requirements:
- WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
- A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
- Satellite and Wireless Internet service is NOT allowed for this role.
- A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
Scheduled Weekly Hours
40Pay Range
The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.
Description of Benefits
Humana, Inc. and its affiliated subsidiaries (collectively, “Humana”) offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.Application Deadline: 07-16-2025
About us
Humana Inc. (NYSE: HUM) is committed to putting health first – for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health – delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large.
Equal Opportunity Employer
It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.