Senior Cyber Security Engineer (Threat Simulation)

TL;DR

Senior Cyber Security Engineer (Threat Simulation): Executing Red Team adversary emulations and contributing to Purple Team activities to enhance hirify.global's security posture. Focus on proactive testing of hybrid environments, improving cyber detection and response capabilities, and innovating offensive security TTPs.

Location: Hybrid in Chicago, USA

Salary: $116,600–$194,300

Company

hirify.global is the world’s leading derivatives marketplace, enabling you to impact markets worldwide and transform industries.

What you will do

• Execute high-impact Red Team exercises against complex hybrid cloud environments using real-world threat intelligence and MITRE ATT&CK.
• Engineer and maintain Red and Purple Team infrastructure, continuously automating processes for efficiency and scale.
• Co-design and lead joint Purple Team exercises, partnering with cyber defense to improve detection and response.
• Innovate through continuous research into new offensive security TTPs and drive knowledge transfer.
• Conduct specialized, ad-hoc offensive security tests using industry-leading and internally developed tooling.
• Author comprehensive post-exercise reports with detailed technical findings, compromise narratives, and risk-rated recommendations.

Requirements

• 5+ years of experience with industry-standard penetration testing and adversary emulation tools (e.g., Cobalt Strike, Sliver, Mythic, Bloodhound, Burp Suite).
• Expert understanding of the MITRE ATT&CK Framework and advanced evasion techniques.
• Strong comprehension of the cyber kill chain and the full lifecycle of an Advanced Persistent Threat (APT) targeting financial institutions.
• Proficiency in at least one scripting language (e.g., Python, PowerShell) and experience with a compiled language (e.g., Go, C#).
• Deep experience attacking and securing complex cloud, on-prem, and hybrid environments.
• Solid knowledge of Windows and Linux system hardening concepts, Purple Team automation strategies, and vulnerability rating methodologies.
• Proven experience with security within at least one major cloud provider (e.g., AWS, Azure, GCP).

Nice to have

• Previous hands-on experience performing sophisticated adversary emulations/simulations in the financial services sector.
• A recognized offensive security industry certification (e.g., OSCP, GPEN, GXPN, OSWE, eCPTX).
• Familiarity with modern enterprise security standards and frameworks (e.g., TIBER-EU, CBEST, NIST CSF).
• Experience conducting offensive security exercises against emerging technologies, such as AI/ML systems or macOS.

Culture & Benefits

• Supportive environment fostering continuous learning and rapid career progression.
• Inclusive, global team culture with broad exposure to diverse products and cross-functional teams.
• Competitive salary and comprehensive benefits package, including health coverage and a retirement plan (401k and pension).
• Annual target bonus opportunity and opportunity to become an owner through a broad-based equity program.
• Highly competitive education reimbursement provisions and paid time off.
• Holistic benefits package including a mental health benefit.