Jobs · Information Technology · Washington

Staff Security Engineer – Red Team (AI)

GEICO · Seattle, WA · 5 days ago
On-siteInformation Technology$110k–$260k/yrFull-time

About the role

We are seeking a hands-on Staff Security Engineer for our Red Team with deep technical expertise in running AI-driven adversary operations that measurably improve detection and response processes.

Responsibilities

  • Participate in AI-focused adversary operations: plan, execute and deliver Red Team, Purple Team and other Adversary Emulation operations.
  • Scope and design operations: define objectives, target scope, success criteria, safety controls.
  • Develop and run emulations: build, customize, and execute emulation plans using platforms such as MITRE Caldera, or similar products.
  • Execute advanced AI-leveraged tradecraft across enterprise environments (identity, endpoints, networks, cloud, SaaS) in a controlled, measurable way.
  • Partner with defenders: work directly with Detection Engineering, Threat Intelligence, and Risk Management to validate telemetry coverage, tune detections, improve response playbooks, and close visibility gaps.
  • Champion continuous improvement and innovation in adversary operations techniques, tools, and methodologies.

Requirements

  • 8+ years of experience in Offensive Security operations.
  • 5+ years of hands-on experience running Red Team, Purple Team, and other Adversary operations in enterprise environments.
  • Deep understanding of LLM architecture and familiarity with how models process input, manage context, and generate output.
  • Experience with AI frameworks and tools such as PyTorch, TensorFlow, Hugging Face, and LangChain.
  • Experience with Azure, AWS, GCP or other cloud providers.
  • Strong working knowledge of MITRE ATLAS and ATT&CK, and the ability to translate TTPs into repeatable emulations and measurable detection outcomes.
  • Hands-on experience with adversary emulation platforms, including building/maintaining emulations and running operations.
  • Demonstrated capability with core operator tradecraft (C2, payload delivery, privilege escalation, lateral movement, persistence, and operational security) appropriate to authorized testing.
  • Extensive use of red team frameworks: Cobalt Strike, Sliver, Metasploit, Empire, BloodHound.

Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science or a related field.

Skills

  • Progressive experience on Offensive Security operations.
  • Deep understanding of LLM architecture and familiarity with how models process input, manage context, and generate output.
  • Experience with AI frameworks and tools such as PyTorch, TensorFlow, Hugging Face, and LangChain.
  • Experience with Azure, AWS, GCP or other cloud providers.
  • Strong working knowledge of MITRE ATLAS and ATT&CK, and the ability to translate TTPs into repeatable emulations and measurable detection outcomes.
  • Hands-on experience with adversary emulation platforms, including building/maintaining emulations and running operations.
  • Demonstrated capability with core operator tradecraft (C2, payload delivery, privilege escalation, lateral movement, persistence, and operational security) appropriate to authorized testing.
  • Extensive use of red team frameworks: Cobalt Strike, Sliver, Metasploit, Empire, BloodHound.

Benefits

The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers.

Pay

$110,000.00 - $260,000.00 Annual Salary

Schedule

Full-time

Similar jobs