Senior Offensive Security Engineer, Red Team

    • Procter & Gamble
  • Cincinnati, OH
  • Posted 31 days ago | Updated 1 hour ago

Overview

On Site
Full Time

Skills

Information Technology
Innovation
Cyber Security
Information Security
Testing
Security Controls
System On A Chip
Audiovisual
AV
Web Security
Network
Cloud Computing
Reporting
Mapping
Leadership
Mentorship
Management
Research
Prototyping
KPI
Roadmaps
Cadence
Vulnerability Management

Job Details

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands.

From Day 1, you?ll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful workthat will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded.

The Opportunity

Are you a person who is passionate about breaking applications, devices, services and/or processes to help protect them against the world?s most advanced cyber security adversaries?

The Information Security Protect organization at P&G is responsible for providing a realistic depiction of threat actor behaviors and scenarios during simulated exercises. We drive improvements to applications and systems, as well as detection and response capabilities through regular testing of security controls across the enterprise.

Responsibilities:

  • Lead end-to-end red team operations aligned to priority threat actors: scenario design, ROE, pre-briefs, execution, and hot-wash/AAR.
  • Support purple-team engagements with DFIR/SOC and Detection Engineering to convert TTPs into durable detections, runbooks, and response improvements with measurable outcomes.
  • Orchestrate assumed-breach campaigns emphasizing evasion and control bypass (EDR/AV, email/web security, identity/conditional access, network segmentation, cloud guardrails).
  • Perform campaign/TTP research, develop internal PoCs/tooling (e.g., tradecraft to exercise specific controls, lightweight payloads), and steward OPSEC.
  • Produce executive-ready risk narratives and technical reporting (ATT&CK mapping, artifacts, evidence handling) and brief senior leadership.
  • Mentor junior engineers; set standards for craft quality, methodology, and safety.
  • Coordinate multi-party/third-party exercises; manage risk, deconflict with production, and ensure stakeholder alignment.
  • Contribute to operational expansion by researching, prototyping, and developing novel capabilities for offensive use.
  • Contribute to program maturity: metrics/KPIs, roadmap, methodology standardization, control validation cadence, and integration with vulnerability management.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.