[Remote] Senior Engineer, Offensive Security

Remote · Ethiopia Full-time

Note: This is a remote job open to candidates in the USA. Humana Inc. is a leading U.S. healthcare company seeking a Senior Engineer in Offensive Security. The role involves building AI-driven offensive tooling, conducting penetration tests, and running red-team operations to enhance the organization's security posture.

Responsibilities

  • Write production-quality software and AI agents (LLM-driven planning loops, multi-agent orchestration, and tool/function-calling that drives real offensive tooling), and contribute to the in-house agent platform that powers our pentest and red-team operations
  • Network, web-application, cloud, and infrastructure testing, from recon through exploitation, privilege escalation, and lateral movement, accelerated by the tooling you build, with your own judgment owning scope and exploitability
  • Validate security countermeasures (EDR/XDR, NDR, DLP, firewalls) with our defensive partners, then pair with detection engineering to close the gaps your attacks reveal
  • Objective-driven adversary emulation, and adversarial assessment of internal LLM-powered products, agents, RAG pipelines, and ML applications (prompt injection, jailbreaks, model extraction and inversion, membership inference, data and supply-chain poisoning, evasion, and agent tool/sandbox abuse), validating that guardrails and classifiers actually hold
  • Ramp on the agent platform and the offensive service lines; deliver your first engagements (a penetration test and a purple-team exercise) and ship one improvement to the agentic tooling that you used during them
  • Ship at least one AI-driven tool that a service line adopts into its live workflow, with metrics showing coverage or turnaround gains; run a red-team operation end to end
  • Stand up repeatable adversarial testing for at least one of the enterprise's own AI systems; establish an evaluation approach that tracks your tooling's autonomous success against representative targets; become a go-to for both building and operating across the team

Skills

  • Offensive operations experience: 4+ years in roles such as Red Team, Penetration Testing, Purple Team / control validation, or Bug Bounty, with a track record of delivering engagements end to end: scoping, execution, and clear written findings
  • Production Python engineering: you build and operate real tooling, not only one-off scripts
  • You've built with agentic AI: hands-on designing, building, or operating AI agents or LLM applications: agentic workflows, tool/function-calling, and orchestration. (We care about what you've shipped and operated, not years on a particular framework—these frameworks are only a few years old.)
  • You've attacked AI: hands-on testing of AI/ML systems: prompt injection, jailbreaking, and adversarial techniques
  • Cloud fluency: production experience with at least one major Cloud Service Provider (AWS, GCP, or Azure)
  • Built autonomous or semi-autonomous offensive agents, LLM-driven penetration-testing agents, or reinforcement-learning exploit and attack-path planners
  • Red-team tradecraft: C2 frameworks (e.g. Cobalt Strike, Sliver, Mythic), evasion and OPSEC, and testing endpoints protected by modern EDR/XDR
  • Purple-team and adversary-emulation fluency: MITRE ATT&CK, and platforms such as VECTR or Atomic Red Team
  • Hands-on with AI red-teaming frameworks such as PyRIT or Garak, and fluent in MITRE ATLAS, the OWASP Top 10 for LLM Applications, and the NIST AI Risk Management Framework
  • Model Context Protocol (MCP): building clients/servers, or testing them and RAG pipelines for tool/prompt-injection abuse
  • Cloud penetration-testing depth or multi-cloud breadth; threat-intelligence-driven operations; depth in an advanced offensive specialty (malware development, advanced red-team operations, or adversarial ML research)
  • Published research, open-source contributions, or talks at DEF CON (incl. the AI Village / Generative Red Team), BSides, x33fcon, or Black Hat, or strong showings in AI-security competitions like HackAPrompt
  • Certifications are a plus, not a gate: offensive (e.g. OSCP, OSEP, OSED, OSCE3, CRTO, CRTL, CPTS, CWES, CWEE, CAPE) and emerging AI-security (e.g. the OffSec AI Red Teamer (OSAI / AI-300), the SANS/GIAC AI security line, the HTB AI Red Teamer path)

Benefits

  • Bonus incentive plan
  • Medical, dental and vision benefits
  • 401(k) retirement savings plan
  • Time off (including paid time off, company and personal holidays, paid parental and caregiver leave)
  • Short-term and long-term disability
  • Life insurance
  • Hack The Box Pro Labs, all HTB role-based paths and certifications, discretionary certification funding, and conference/training budgets
  • Work from a dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information

Company Overview

  • Humana is a health insurance provider for individuals, families, and businesses. It was founded in 1964, and is headquartered in Louisville, Kentucky, USA, with a workforce of 10001+ employees. Its website is http://www.humana.com.

Company H1B Sponsorship

  • Humana has a track record of offering H1B sponsorships, with 149 in 2026, 282 in 2025, 246 in 2024, 284 in 2023, 274 in 2022, 212 in 2021, 84 in 2020. Please note that this does not guarantee sponsorship for this specific role.