Offensive Security Analyst II
JM Family Enterprises, Inc. · Miami-Fort Lauderdale Area · 1 wk ago
HybridInformation TechnologyFull-time
Responsibilities
- Conduct offensive security activities including penetration testing, attack simulations, threat-based assessments, and control validation across on-prem, cloud, identity, and SaaS environments.
- Execute and assist in the development of red team and purple team exercises, collaborating with detection and response teams to validate defensive coverage.
- Identify, validate, and responsibly disclose security weaknesses to stakeholders, providing clear remediation guidance and risk context.
- Design, develop, and maintain custom offensive security tooling (Python, PowerShell, Bash, or similar), including frameworks, reusable modules, and automation that scale testing beyond point-in-time assessments.
- Evaluate when to build versus buy offensive security capabilities, with a bias toward internal tooling where it improves flexibility, visibility, or speed of iteration.
- Incorporate AI-assisted techniques (e.g., automation, chaining analysis, signal prioritization) to increase testing efficiency and analyst leverage.
- Contribute documentation such as test reports, playbooks, findings templates, and executive-level summaries.
- Contribute to the long-term architecture of the offensive security program, including shared libraries, testing pipelines, data models, and reporting outputs optimized for reuse and scale.
- Mentor junior analysts and contribute to team knowledge sharing.
- Partner with application and platform engineering teams not only to test systems, but to co-design secure patterns, reference implementations, and reusable testing components.
- Build developer-consumable assets (templates, scripts, sample exploits, safe test harnesses) that enable teams to self-validate security assumptions earlier in the SDLC.
- Provide developer-friendly remediation guidance, proof-of-concepts, and secure coding recommendations that are actionable and aligned to real-world development workflows.
- Support the integration and tuning of security testing tools within CI/CD pipelines, balancing detection depth with developer experience and signal quality.
- Collaborate with Security Engineering and Application teams to improve self-service security capabilities, documentation, and testing patterns that developers can reuse.
- Participate in post-testing debriefs with developers to educate, coach, and improve security outcomes—not just report findings.
Qualifications
- Hands-on experience with penetration testing, red team, purple team, or adversary emulation activities.
- Strong understanding of Windows, Active Directory, Azure/Entra ID, networking, cloud platforms, and SaaS architectures.
- Experience with common offensive security tools and frameworks (e.g., C2 frameworks, vulnerability scanners, exploit frameworks).
- Knowledge of MITRE ATT&CK, kill chains, and attacker tradecraft.
- Experience validating security controls such as EDR, SIEM, identity protections, email security, and cloud security controls.
- Strong scripting and automation skills; ability to customize or build tools to support testing objectives.
- Ability to translate technical findings into clear risk-based narratives for technical and non-technical audiences.
- Strong analytical, problem-solving, and critical-thinking skills.
- Able to work independently while collaborating effectively in cross-functional teams.
- High attention to detail with a strong sense of ethics and responsible disclosure.
- Experience working directly with software engineers to remediate vulnerabilities and improve secure development practices.
- Understanding of modern SDLC and CI/CD pipelines, including how security testing fits into developer workflows.
- Familiarity with secure coding practices and common vulnerability classes in modern applications (web, APIs, cloud-native services).
- Ability to communicate security findings in a way that developers can quickly understand, prioritize, and fix.
- Mindset oriented toward enablement over enforcement, with a focus on reducing friction while improving security outcomes.
- Background in software engineering, platform engineering, or SRE, with a desire to specialize in security.
- Experience designing or maintaining production-quality code, not just scripts.
- Comfort working with APIs, data pipelines, CI/CD systems, and cloud-native services as part of security capability development.
- Curiosity and practical interest in applying AI/ML-assisted techniques to security testing, automation, and analysis.