Salary
💰 $156,600 - $215,400 per year
Tech Stack
AWS, Azure, Cloud, Cyber Security, Google Cloud Platform, Python
About the role
- Associate Director of Adversary Simulation leads CTS's offensive security capabilities through strategic management of Red Team operations and BAS programs.
- Lead and develop high-performing Red Team and BAS engineering teams; manage performance and hiring; foster collaborative culture.
- Lead Red Team engagement planning, stakeholder requirements gathering, target environment identification, and exercise objective setting; provide weekly updates to leadership.
- Strategic oversight of BAS program delivery through BAS Lead; ensure technical quality of offensive security deliverables and reporting.
- Ensure collaboration between Red Team exercises and BAS simulations to maximize coverage and create repeatability and scalability.
- Develop and execute a 12-18 month program strategy for adversary simulation capabilities; manage timelines and resource allocation.
- Coordinate cross-functional collaboration with CTS teams and external stakeholders; establish metrics and KPIs for program effectiveness.
- Support incident response activities with adversarial perspective and technical expertise; interface with external partners and stakeholders.
Requirements
- 3-5 years of management experience leading technical teams in cybersecurity or a related field.
- Proven track record of developing high-performing technical professionals.
- Demonstrated ability to manage complex projects with multiple stakeholders and competing priorities.
- Experience building and scaling technical programs and capabilities.
- 5-7 years of hands-on experience in offensive security, penetration testing, red team operations, or Breach and Attack Simulation (BAS).
- Deep understanding of adversarial tactics, techniques, and procedures (TTPs).
- Proficiency with red team tools, including C2 and Social Engineering frameworks, exploitation tools, and custom payload development.
- Knowledge of enterprise security technologies and architecture patterns, and their potential vulnerabilities and bypasses.
- Understanding of threat intelligence and attack lifecycle methodologies.
- Program management experience coordinating multiple concurrent security assessments or technical projects.
- Resource planning and allocation skills for technical teams and project deliverables.
- Risk management capabilities for complex technical operations.
- Vendor management experience with security service providers and technology partners.
- (Preferred) Malware development and analysis capabilities.
- (Preferred) Cloud security expertise (AWS, Azure, GCP) with a focus on offensive techniques.
- (Preferred) Active Directory and enterprise infrastructure attack methodologies.
- (Preferred) Scripting and automation skills (Python, PowerShell, Bash).
- (Preferred) Professional certifications such as CPTS, OSCP, OSEP, CAPE, CBBH, CWEE, OSWE, CRTP, CRTE, CRTO, or equivalent.