Sr. Adversarial Emulation Engineer -Remote

You could be the one who changes everything for our 26 million members by using technology to improve health outcomes around the world. As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.

Position Purpose: We are transforming technology and creating a digital evolution that will empower Centene to better serve our members. The Senior Adversarial Emulation Engineer will provide operational and technical support to ensure the ongoing stability of the IT Security environment. They will drive the team forward as a more experienced engineer and will contribute to the IT Security design and leading in IT Security tool implementations. They will mentor and train team members. Act as a point of escalation and subject matter expert for IT Security tools.

Provide Mentorship for Associate Adversarial Engineers and Adversarial Engineers.
Conceptualize automation for lab environment to quickly pivot to a new testing format.
Test and validate detections.
Build Emulation plans and scenarios within the emulation tool. Document all activites during an emulation.
Research and develop future emulation engagements
Research current TTP's of malicious actors
Provide technical support for the IT Security environment and associated applications
Perform daily tasks to ensure the stability and optimization of the IT Security environment, which includes proactively identifying potential system issues before they become a problem, working with team members in deciding a resolution, and implementing the agreed upon resolutions
Maintain all IT Security systems, end user support, monitoring system usage and performance, patching, backup and recovery, file-system management, process automation, server installation and configuration, and third-party application support
Interface with business users and stakeholders to determine solutions
Review operational and organizational changes, assess how these changes will affect the environment and incorporate the changes into the system architecture, as needed
Analyze and resolve complex problems
Manage the scheduling, testing, and implementation of enhancements or new releases of security tool features
Lead the initiative and ownership of maturing applicable IT Security technologies and processes

BA/BS in a related discipline, or equivalent experience. 3+ years of information security experience, preferably in intrusion detection and response, threat hunting, or red/purple teams. Experience creating, analyzing and responding to security alerts from large scale, complex networks. Advanced knowledge of network, system, and web application attacks. Deep understanding of adversary techniques, the signals they generate and how to evade detection. Experience with common offensive tools and their functionality such as Metaspoit, Medusa, NMAP, PowerSploit, Cobalt Strike and Covenant. Knowledge of malware packing, obfuscation, persistence, exfiltration techniques, knowledge of application reverse engineering techniques and procedures. Must have the ability to perform targeted penetration tests without use of automated tools Relevant industry certifications which demonstrate intimate familiarity with the cyber-attack lifecycle. (e.g. GMON, GDAT, GCIH, GCFA, GREM, OSCP, CEH, GCIA, GCIH, CCSP, CAP, CRISC, GWEB, GSSP, GPEN, GFSR, Splunk ESCA, CHFI). Expertise in tools and techniques for analyzing large sets of data. Strong verbal and written communication skills. Experience developing software automation solutions Proficiency in one or more high-level coding or scripting language such as Python, PowerShell, Java Scripting, BASH, C#, Go, SPL, SQL, C++, C

License/Certification:
Systems Security or Administration certifications such as CISSP, GSEC, Linux+, Security+, Network+, Cloud+, CCNA, or CCSA are preferred.

Preferred Experience:

• Strong knowledge of Offensive Security practices and what is needed to drive the program forward.
• Experience utilizing penetration testing tools and how adversaries use them to create tactics, techniques and procedures common with current threat avenues
• Strong understanding of defensive security practices to understand possible evasion tactics or techniques.
• Knowledge of how SIEMs (such as Qradar, Splunk, LogRythm, or Alien Vault) and and EDR's (such as CrowdStrike, Microsoft Defender for Endpoint or Cybereason) function• Experience in developing attack Tactics, Techniques and Procedures (TTPs) using the MITRE ATT&CK Framework construct
• Ability to independently research new vulnerabilities in software products
• Familiar with fundamentals of software exploitation on modern operating systems

Our Comprehensive Benefits Package: Flexible work solutions including remote options, hybrid work schedules and dress flexibility, Competitive pay, Paid time off including holidays, Health insurance coverage for you and your dependents, 401(k) and stock purchase plans, Tuition reimbursement and best-in-class training and development.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.