at Humana in Dover, Delaware, United States
Humana is focused on helping people achieve wellness, which includes peace of mind knowing their most sensitive data – information on their health – is secure from prying eyes. The Humana Red Team helps bolster that security by providing meaningful data and practice to Humana’s defenders. If you’re passionate about planning and executing operations that stress business functions, push the limits of our defender’s detection and response capabilities, and provide critical information that guides organization-wide decisions, then we should talk.
To be successful in this position, you will need strong, open, and honest communication skills; a solid technical base with a driving curiosity; and a desire to build relationships within the team, with our blue team, and our engineering colleagues. You don’t need to know it all to get the position, but you should desire to progress your knowledge and skills with a track record of learning new things and applying the knowledge.
+ A bachelor’s degree (or higher) in an engineering or computer science related field
+ At least five years of security experience, preferably with experience in engineering or offensive operations
+ A red team mindset: Can you bend software, services, or processes to your will as an attacker? Can you harness that into a cohesive product that helps the organization grow?
+ Self-accountability and organization: No one likes micromanagement. As a senior engineer, you should be able to independently manage and execute complex work that spans teams within Humana, aligns to the Red Team’s overall objectives, and informs future Red Team improvements.
+ Strong notetaking and documentation skills
+ Detail-oriented research and troubleshooting
+ Communication: We’re all remote which requires intentionality around communication with the team. Our unique function also requires the ability to explain complex topics or operations to a variety of audiences. We want to see you’re up to the task.
+ Strong technical base: You don’t need to know it all, but you should know enough to accomplish common tasks and know what questions to ask when you can’t. This includes efficient research skills to quickly find and implement new information in support of operational and team needs. Some things we’d like to see:
+ Experience with building programs in languages like Python. Good coding practices and source code management are a big plus, as is experience with compiled languages, particularly C++ and C#
+ Good foundation with Shell and PowerShell scripting
+ Active Directory abuse
+ Cloud Service Provider abuse (Azure and AWS preferred)
+ Infrastructure deployment and configuration (Command and Control, Phishing, etc.)
+ Defense Evasion techniques to support red team operations
+ Hands-on certifications like OSCE, OSEP, CRTO I/II are a plus
+ Operations: More goes into an operation than just hacking all the things. We’d like to see you understand the business behind the operation – particularly scoping and reporting.
+ Giving Back: Knowledge kept to ourselves isn’t very useful. We look for ways that you’ve given back to the community, like contributing to open-source projects or sharing security information, and ways you’ve helped your prior team(s) grow by sharing knowledge you’ve gained.
If that sounds like you, we look forward to talking!
Scheduled Weekly Hours
Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our https://www.humana.com/legal/accessibility-resources?source=Humana_Website.