Staff Security Engineer – Red Team (AI)
GEICO · Seattle, WA · 5 days ago
On-siteInformation Technology$110k–$260k/yrFull-time
About the role
We are seeking a hands-on Staff Security Engineer for our Red Team with deep technical expertise in running AI-driven adversary operations that measurably improve detection and response processes.
Responsibilities
- Participate in AI-focused adversary operations: plan, execute and deliver Red Team, Purple Team and other Adversary Emulation operations.
- Scope and design operations: define objectives, target scope, success criteria, safety controls.
- Develop and run emulations: build, customize, and execute emulation plans using platforms such as MITRE Caldera, or similar products.
- Execute advanced AI-leveraged tradecraft across enterprise environments (identity, endpoints, networks, cloud, SaaS) in a controlled, measurable way.
- Partner with defenders: work directly with Detection Engineering, Threat Intelligence, and Risk Management to validate telemetry coverage, tune detections, improve response playbooks, and close visibility gaps.
- Champion continuous improvement and innovation in adversary operations techniques, tools, and methodologies.
Requirements
- 8+ years of experience in Offensive Security operations.
- 5+ years of hands-on experience running Red Team, Purple Team, and other Adversary operations in enterprise environments.
- Deep understanding of LLM architecture and familiarity with how models process input, manage context, and generate output.
- Experience with AI frameworks and tools such as PyTorch, TensorFlow, Hugging Face, and LangChain.
- Experience with Azure, AWS, GCP or other cloud providers.
- Strong working knowledge of MITRE ATLAS and ATT&CK, and the ability to translate TTPs into repeatable emulations and measurable detection outcomes.
- Hands-on experience with adversary emulation platforms, including building/maintaining emulations and running operations.
- Demonstrated capability with core operator tradecraft (C2, payload delivery, privilege escalation, lateral movement, persistence, and operational security) appropriate to authorized testing.
- Extensive use of red team frameworks: Cobalt Strike, Sliver, Metasploit, Empire, BloodHound.
Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science or a related field.
Skills
- Progressive experience on Offensive Security operations.
- Deep understanding of LLM architecture and familiarity with how models process input, manage context, and generate output.
- Experience with AI frameworks and tools such as PyTorch, TensorFlow, Hugging Face, and LangChain.
- Experience with Azure, AWS, GCP or other cloud providers.
- Strong working knowledge of MITRE ATLAS and ATT&CK, and the ability to translate TTPs into repeatable emulations and measurable detection outcomes.
- Hands-on experience with adversary emulation platforms, including building/maintaining emulations and running operations.
- Demonstrated capability with core operator tradecraft (C2, payload delivery, privilege escalation, lateral movement, persistence, and operational security) appropriate to authorized testing.
- Extensive use of red team frameworks: Cobalt Strike, Sliver, Metasploit, Empire, BloodHound.
Benefits
The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers.
Pay
$110,000.00 - $260,000.00 Annual Salary
Schedule
Full-time