Experian is a global data and technology company that enhances lending practices and prevents fraud through data analytics and software solutions. The Lead Offensive Security Engineer will be responsible for leading adversary simulation assessments and contributing to purple team exercises to improve the organization's security posture.
Responsibilities:
- Collaborate with other teams within the Cyber Fusion Center and the wider organization to ensure threat-informed Cyber Risks are understood and articulated, with a goal of contributing to the successful defense of the organization
- Support Offensive Security's engagement at multiple organizational levels, from senior leaders to technical analysts, to help guide risk understanding and verify the efficacy of remediation/mitigative actions
- Participate in performing physical exploitation, network exploitation, and social engineering assessments against authorized targets
- Leverage Cyber Threat Intelligence, Offensive Security Research, previous Adversary Simulation (Red Team) findings, and internal risk intelligence to develop test cases demonstrating TTP effectiveness against Experian's control environment
- Help establish and lead Social Engineering and Human Risk Assurance functions
- Work with the team to provide remediation recommendations across the organization to aid with remediation/mitigation of identified Cyber Risks
- Develop scripts, tools, and methodologies to increase Offensive Security's capabilities and educate other team members
- Use AI tools to help with Offensive Security activities while complying with Experian's Acceptable Use of AI policies and Offensive Security Rules of Engagement
- Use MITRE ATT&CK Framework and other structured attack analysis tools to describe and classify attacker methodology and significance
Requirements:
- 8+ years of cybersecurity experience, 3+ years of experience in offensive security and adversary simulation
- Understanding of Human Risk and experience performing social engineering assessments, which can move the needle on Human Risk
- Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services and healthcare sectors
- 3+ years of experience in two or more of the following areas: Network penetration testing and manipulation of network infrastructure, Web application penetration testing assessments, Email, phone, or physical social-engineering assessments, Developing, extending, or modifying exploits, shell code or exploit, Covert physical intrusion, Cloud security or penetration testing (any major provider)
- Proficient in attacker tooling, including post-exploitation frameworks and tooling
- Proficient in one or more of the following programming/scripting languages (C, C++, C#, Go, Python, PowerShell, Bash, or Ruby)
- Knowledge of current cloud attack methodologies and mitigations
- Knowledge of Windows Operating System architecture and internals, and use thereof in an enterprise environment
- Social Engineering knowledge, such as OSINT, spear phishing, vishing, and other initial access methods
- Knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses, and filesystems
- Knowledge of IT technologies and methods to secure them, specifically for databases, SharePoint, storage area networks, cloud-based storage, and data warehouses
- Knowledge of GenAI platforms and how they can be combined with agentic workflows
- Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, GXPN, or equivalent experience