Staff Security Engineer, CVS Health

CVS Health

Location:
United States, Work at Home

Category:
IT - Software Development

Contract Type:
Employment contract

Salary:

142140.00 - 284280.00 USD / Year

Save Job

Apply Position

Job Description:

CVS Health is seeking a highly skilled and passionate individual contributor to join our enterprise offensive security team. This role is centered on executing continuous, intelligence-driven Red Team campaigns that emulate sophisticated adversaries across hybrid environments. The ideal candidate will demonstrate technical rigor and a relentless drive to uncover and address security weaknesses across the enterprise.

Job Responsibility:

Execute enterprise-wide Red Team operations, simulating advanced adversary tactics, techniques, and procedures (TTPs)
Conduct threat intelligence-guided adversary emulation aligned with real-world threat actor profiles and campaigns
Perform deep adversarial testing across cloud platforms (AWS, Azure, GCP), targeting identity, access, configuration, and persistence mechanisms
Develop and maintain custom tools and infrastructure to support stealthy, scalable Red Team activities
Leverage AI/ML technologies to automate reconnaissance, payload generation, campaign orchestration, and reporting
Collaborate with SOC, detection engineering, and incident response teams to enhance detection and response capabilities through Purple Team exercises
Ensure findings are clearly documented, communicated, and remediated in coordination with responsible teams
Stay current with emerging adversary techniques, threat actor behaviors, and offensive security trends
Contribute to knowledge sharing and mentoring within the offensive security team

Requirements:

7+ years of experience in cybersecurity
5+ years in Red Team operations and adversary emulation
1+ years of proven experience in cloud adversarial testing across AWS, Azure, and GCP
1+ years of proficiency in scripting and automation (Python, PowerShell, Bash)
Deep expertise in adversary simulation, particularly in cloud environments
Strong focus on automation and AI to enhance operational efficiency
Experience with frameworks such as MITRE ATT&CK, CALDERA, and Atomic Red Team
Bachelor's degree in computer science, Information Security, or related field (or equivalent work experience)

Nice to have:

Strong proficiency in tools such as Cobalt Strike, Sliver, Mythic, Empire, and custom payload development
Experience integrating AI/ML into offensive security workflows
Deep understanding of Windows, Linux, and macOS internals, including evasion techniques
Familiarity with threat intelligence platforms and their application to offensive operations
Relevant certifications (e.g., OSCP, CRTO, OSEP, OSCE, or equivalent)
Experience with Purple Team collaboration and detection validation
Knowledge of enterprise security architecture, EDR/XDR platforms, and SIEM technologies
Strong communication skills for technical and executive audiences
Passion for offensive security, continuous learning, and innovation

What we offer:

Affordable medical plan options
401(k) plan with matching company contributions
Employee stock purchase plan
No-cost wellness screenings
Tobacco cessation and weight management programs
Confidential counseling and financial coaching
Paid time off
Flexible work schedules
Family leave
Dependent care resources
Colleague assistance programs
Tuition assistance
Retiree medical access
CVS Health bonus, commission or short-term incentive program
Company equity award program

Additional Information:

Job Posted:
November 08, 2025

Expiration:
December 31, 2025

Employment Type:

Fulltime

Work Type:

Remote work

View All Jobs In This Company

Job Link Share:

Staff Security Engineer