Transform security from a barrier to a Catalyst
Offensive Security Engineer, Horizon3.ai NodeZero
Location
United States
Posted
1 day ago
Salary
0
Seniority
Senior
Job Description
Offensive Security Engineer, Horizon3.ai NodeZero
Foresite Cybersecurity
• Partner closely with internal Blue Teams, SOC Analysts, and client IT leaders to identify vulnerabilities, map attack paths, and validate remediations. • Configure, deploy, and manage the Horizon3.ai NodeZero platform across diverse multi-tenant client environments, covering internal, external, cloud, and hybrid infrastructures. • Schedule and execute continuous or on-demand autonomous penetration tests based on client risk profiles, compliance mandates, or zero-day threats. • Analyze complex NodeZero testing outputs to differentiate between theoretical vulnerabilities and actual, exploitable attack vectors. • Translate highly technical attack data into clear, risk-prioritized remediation strategies for client IT and security leaders. • Conduct strategic Quarterly Business Reviews (QBRs) to visually demonstrate client security posture improvements and measurable security outcomes over time.
Job Requirements
- 3–5 years of experience in cybersecurity, with at least 2 years working within an MSSP, SOC, or offensive security consulting team.
- Deep understanding of penetration testing methodologies, the MITRE ATT&CK framework, and common network/cloud lateral movement techniques.
- Proven hands-on experience with Horizon3.ai NodeZero (certification or accreditation under the Horizon3.ai Vanguard Partner Program is a major plus).
- Strong grasp of enterprise networking (VLANs, firewalls, routing) and hybrid cloud architectures (AWS, Azure, GCP).
- Exceptional ability to explain complex technical vulnerabilities and exploit chains to non-technical executive stakeholders.
- Bachelor’s degree or equivalent practical experience.
- Preferred Certifications: Horizon3.ai NodeZero Certified Professional / Administrator, CEH (Certified Ethical Hacker), CompTIA PenTest+, or OSCP (Offensive Security Certified Professional).
Benefits
- Comprehensive Health & Wellness: Robust medical insurance options to keep you and your family healthy.
- Employer-Covered Insurance: We fully provide employer-paid Dental coverage, as well as Short-Term (STD) and Long-Term Disability (LTD).
- Generous Time Off: We believe in a true work-life balance. You’ll start with 3 weeks of paid vacation, plus additional sick leave and paid company holidays.
- Growth & Mentorship: Access to world-class training. We support your career trajectory, whether you’re looking to deepen your technical skills or move into leadership.
- Impactful Work: Help protect global clients using the latest AI-enhanced security tools and GCP native technologies.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Information System Security Manager – ISSM
Sabel Systems Technology Solutions, LLCProviding digital solutions for software, requirements, systems design, integration, and testing - digital engineering.
• Cyber Risk Assessments and Implement security protocols • Provide in-person and/or remote/hybrid technical security engineering solutions to meet customer’s cybersecurity requirements • Participate in change control boards as a voting member and Evaluate security impacts with design changes • Validate software integrity and acquisition • Develop appropriate policy in accordance with DoD regulations and industry best practices • Oversee security tool efficacy as dictated by the customer (i.e. ACAS, ESS, STIG, SIEM, Back-up/Restoral, ICAM) • Conduct vulnerability scans on a weekly basis in accordance with DAF TASKORDS and DoD regulations • Stay updated with the latest DoD regulations, emerging cybersecurity trends • Develop and implement custom detection techniques to identify new and emerging threats • Report findings to stakeholders and assist in the creation of actionable security recommendations • Collaborate with SOC analysts and incident response teams to investigate, remediate, and escalate security incidents • On-call and/or evening or weekend hours may be required, as needed, for emergent issues • SCA and ATO engagement and eMass package creation and management • Up to 10% domestic travel could be required
• Advise our clients in developing, implementing and reviewing security concepts in a (partially) project-leading capacity • Conduct IT risk analyses and implement and develop security standards and processes • Proactively identify client needs: document, review and evaluate processes • Design goal-oriented, tailored solutions together with our clients, speaking “their language” • Support the implementation and ongoing development of the ISMS at our clients • Improve risk posture and information security by initiating, coordinating and monitoring recommended measures — your hands-on mentality is in demand with our clients
• Advise our clients on developing, implementing and reviewing security concepts in a (partly) project-leading capacity • Perform IT risk analyses as well as implement and develop security standards and processes • Proactively identify client needs: document, assess and evaluate processes • Design goal-oriented, customized solutions together with our clients, speaking “their language” • Support the implementation and ongoing development of clients' ISMS • Improve the risk posture/information security by initiating, coordinating and monitoring recommended measures — your hands-on mentality is in demand with our clients
Role Description We are seeking a Security Engineer with expertise in implementing and troubleshooting security tools to enhance and support our security infrastructure. This role focuses on evaluating, deploying, and maintaining a suite of security technologies that protect our organization’s assets. The ideal candidate will have extensive experience in security engineering, hands-on tool deployment, and troubleshooting complex issues within various security solutions. Key Responsibilities - Security Tool Implementation: Lead the planning, deployment, and configuration of security tools, ensuring they meet organizational needs and integrate seamlessly with existing systems. Experience with SASE tools such as (Netskope/Zscaler), EDR tools such as (Crowdstrike/SentinelOne), Endpoint Privilege Management, Application Allowlisting, Email Security, SIEM Management and Detection Engineering. - Troubleshooting and Support: Diagnose and resolve issues with security tools in real-time to maintain their effectiveness, reduce downtime, and ensure optimal performance. - Tool Evaluation and Testing: Research, test, and recommend new security technologies based on the latest threat landscape and organizational needs. Lead proof-of-concept (POC) projects to assess potential new tools. - System Integration: Work closely with IT and other teams to ensure security tools are effectively integrated with various systems, including cloud and on-premises environments. - Automation and Optimization: Develop scripts and automation processes to improve the efficiency and reliability of security tools, minimizing repetitive tasks and reducing time-to-response. - Documentation and Knowledge Sharing: Create and maintain detailed documentation of security tool configurations, troubleshooting procedures, and best practices to ensure consistent processes and knowledge transfer. - Collaboration: Collaborate with other security teams, such as incident response and vulnerability management, to identify tool requirements, share insights, and improve overall security capabilities. - Training and Mentorship: Act as a subject matter expert on security tools, providing training and guidance to junior team members and stakeholders. Qualifications - Experience: 3+ years of experience in cybersecurity, with a focus on security engineering, tool deployment, and troubleshooting. - Education: Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). - Certifications: Relevant certifications, such as CISSP, GIAC, CEH, or vendor-specific certifications for security tools (e.g., CrowdStrike, Netskope, Tenable, or similar). - Technical Skills: - Strong hands-on experience with a variety of security tools, such as endpoint protection, SIEM, vulnerability management, EDR, DLP, and network security tools. - Deep troubleshooting skills across both hardware and software security solutions. - Familiarity with scripting languages (Python, PowerShell, Bash) for automation of tasks related to tool deployment and management. - Understanding of network protocols, cloud environments, and security frameworks (MITRE ATT&CK, NIST, CIS). - Experience with configuring and managing tools in cloud environments (AWS, Azure, or GCP). - Soft Skills: - Strong analytical and problem-solving abilities with attention to detail. - Excellent communication skills to collaborate across teams and convey technical information effectively. - Ability to work independently and manage multiple projects in a fast-paced environment. Benefits - Flexible work environment. - In-person onboarding for remote employees. - Support for candidates needing accommodations.



