Lead Security Engineer

Our Company

We care about helping people. Our purpose is to provide help and inspire confidence in our clients and communities everywhere. Our associates feel a sense of belonging in an inclusive place with an amazing history and a sharp focus on our future. Our connected culture is who we are and how we work together to achieve our strategies, accelerate our transformation, and achieve extraordinary results. It's an exciting time to be a part of H&R Block!
What you'll do...

At H&R Block, we are in search of customer-centric people with bold ideas who want to make a difference and help transform the company. When you come and work with us, you are joining a group that is grounded in the spirit of entrepreneurship - nimble, quick, self-starters who are drawn to try new things and solve big challenges. We need innovators, creators, and achievers like you who are eager to disrupt an entire industry. The Lead Red Team Engineer blends deep technical expertise with strategic influence, ensuring that Red Team efforts align with business objectives and drive continuous improvement in our security defenses.

As the Lead Red Team Engineer, you will lead our offensive security initiatives, driving advanced adversary emulation operations to proactively uncover vulnerabilities and strengthen enterprise defenses. You'll partner with senior InfoSec leadership to define Red Team strategy, mentor junior team members, and collaborate across functions, including close coordination with the Threat Intelligence and SIRT teams, leveraging Threat Intel insights to guide Red Team planning and sharing Red Team findings to enhance detection and response capabilities. This role aligns with the NIST CSF Govern and Recover functions by translating Red Team findings into actionable risk reporting, policy updates, remediation tracking, and by validating and improving incident recovery playbooks, resilience measures, and RTO/RPO objectives.

Day to day you'll...

• Lead Red Team Operations: Direct and execute advanced threat emulations, overseeing all phases of Red Team engagements
• Simulate Sophisticated Threats: Identify and exploit vulnerabilities by emulating real-world attacker tactics and adapting techniques as needed
• Integrate Threat Intelligence: Collaborate with the Threat Intelligence team to ensure Red Team operations are guided by the latest threat actor tactics, techniques, and procedures (TTPs) and attack trends relevant to our organization. All relevant insights should be shared between teams to inform threat profiles and identify potential gaps in our processes
• Document & Report Findings: Document attack methods and findings, presenting clear remediation advice to technical and executive stakeholders
• Drive Remediation & Defense Improvements: Collaborate organization-wide to prioritize and fix vulnerabilities and improve detection and response capabilities
• Maintain & Develop Tooling: Manage Red Team infrastructure and tools, developing new capabilities to keep pace with evolving threats
• Mentorship & Team Leadership: Mentor junior engineers and foster a collaborative, growth-focused team environment
• Cross-Functional Collaboration: Partner with IT and development teams to share offensive security insights and strengthen defenses
• Strategic Program Development: Shape Red Team strategy and align testing with business risks and security priorities.
• Security Leadership & Innovation: Lead security initiatives and share expertise to build a security-first culture across the organization

What you'll bring to the team...

• Bachelor's degree in computer science, Engineering, related discipline, or equivalent experience
• At least 5 years of experience in security related profession
• 2+ years in Offensive Security role, such as Red Team or Penetration Testing
• 3+ years in Information Technology role, such as Software Development, SysAdmin, etc.
• Experience performing security work in heterogenous Windows AD and Linux environments
• Experience securing, managing or developing in cloud environments
• Experience shell scripting or automation of simple tasks using Python, C# or Go
• Proven experience leading advanced Red Team engagements and simulating real-world threats
• Deep expertise in offensive security tools, exploit development, and Red Team infrastructure management
• Strong knowledge of cloud security, enterprise networks, and technologies like Azure, AWS, and Active Directory
• Skilled in scripting and automation (Python, PowerShell, C#, or similar) for offensive operations.
• Ability to clearly document findings and communicate technical issues to diverse audiences, including executives
• Demonstrate leadership and mentoring experience to develop junior team members
• Collaborative mindset for cross-functional work with IT, development, and defensive teams
• Experience working with Threat Intelligence teams to align Red Team activities with current threat landscapes and to share operational findings that enhance organizational threat awareness
• Solid understanding of security frameworks, detection evasion, and mapping tactics (e.g., MITRE ATT&CK)
• Analytical, creative problem-solver with adaptability during engagements.
• High ethical standards with a commitment to safe, compliant Red Team operations

It would be even better if you also had...

• Relevant industry certifications such as OSCP, OSCE/OSEP, PNPT, or CRTO are highly valued. These demonstrate a tested technical skillset in offensive security
• Experience with malware development or reverse engineering, exploit writing, or hardware hacking is a strong plus. Prior work in developing custom proof-of-concept exploits, payloads, or modifying tools to bypass detections, will set you apart
• Hands-on experience with cloud-native environments and containerization. Familiarity with Containers (Docker, Kubernetes) and related security considerations. Experience conducting Red Team operations in cloud (Azure AD/O365 attacks, AWS environment pivots, etc.) or against CI/CD pipelines is a plus.
• Broad knowledge of the offensive security toolkit and tradecraft. Experience with a variety of attack tools and frameworks (e.g. Covenant, Mythic, BloodHound, Empire) and tactics for evading EDR, WAFs, and other defenses. Experience with Purple Teaming or using automated breach simulators can also be beneficial
• Exposure to defensive security roles (Blue Team, Incident Response, Threat Hunting) or security engineering. This helps in understanding how detections occur and how to stealthily avoid them. Familiarity with SIEM/SOC processes or incident response playbooks can improve effectiveness as a Red Teamer
• Knowledge of relevant compliance frameworks (such as PCI-DSS, SOX, NIST CSF) and how Red Team operations can support control maturity objectives. Experience in a highly regulated environment or finance/technology sector is a bonus, as it indicates ability to navigate complex requirements

Why work for us

Since 1955, we have been leaders in tax preparation, financial services, and small business solutions. With 70,000 associates and 9,000 retail tax locations across North America, Australia, Ireland, and India, we have helped millions of clients and countless communities. If you embrace challenges as opportunities, value winning as a team, and seek to make a meaningful difference, join us on our journey. You'll reap the rewards of helping others along with competitive compensation and benefits to support your health and well-being.

Specific benefits may vary based on your role. For detailed eligibility requirements and benefits information, visit blockbenefits.com.

Equal Opportunity Employer: H&R Block does not tolerate discrimination based on a person's race, color, religion, ancestry, age, sex/gender (including pregnancy, childbirth, related medical conditions and sex-based stereotypes and transgender status), sexual orientation, gender identity or expression, service in the Armed Forces, national origin, physical or mental disability, genetic information, citizenship status or any other status protected by law.
Pay Range Information

The pay range for this position is listed below. Local minimum wage laws apply. This information is posted pursuant to local requirements to provide applicants with information about what they might be eligible to receive. Individual pay decisions will depend on job-related factors such as experience, education, skill, performance, and geographic location where work will be performed. Successful candidates may be able to participate in one or more incentive compensation or short-term incentive plans, which could generate additional earnings in accordance with the terms of each plan.
Qualifying associates can enroll themselves and/or their eligible dependents in medical and prescription drug coverage; can participate in the H&R Block Retirement Savings Plan (401(k) Plan), the Employee Assistance Program, (virtual) fitness center programs, and the associate discount program; are automatically enrolled in Business Travel Accident Insurance; and receive Associate Tax Prep benefit.
Pay Range

$117,700.00 - $188,300.00/Yr.