Red Team Lead - Principal Security Engineer

We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future.   

The Opportunity

We’re hiring a seasoned Red Team / Adversarial Simulation Lead to elevate our offensive security capability across enterprise, cloud, and business processes. You’ll lead a small, senior team conducting full-scope adversary emulations and targeted operations mapped to MITRE ATT&CK to proactively surface risk and measurably improve defenses.

You’ll partner closely with Incident Response, Threat Intelligence, Cloud Security, Identity, and Engineering leaders to prioritize scenarios that matter most to our customers and business.

This role will have a Hybrid work schedule, with the expectation of working in an office (Columbus, OH, Chicago, IL, Hartford, CT or Charlotte, NC) 3 days a week (Tuesday through Thursday). 

What You’ll Do

• Demonstrated expertise in establishing and leading Red Team or Adversarial Simulation programs from inception, encompassing the development of governance frameworks and detailed operational playbooks.
• Lead operations: Plan, authorize, and execute red-team engagements and adversary emulation campaigns across endpoints, identity, applications, cloud, and third-party integrations - safely, ethically, and with strong OPSEC.
• Support purple teaming: Run collaborative exercises to validate detections and response playbooks; produce actionable improvements for SOC/IR.
• Use frameworks that scale: Design scenarios and reporting mapped to MITRE ATT&CK  to ensure consistent, comparable results.
• Measure what matters: Define KPIs (detection coverage, time-to-detect, control efficacy) and communicate outcomes and risk reduction to senior stakeholders.
• Guide tech & tooling: Maintain secure C2/infrastructure and lab environments; evaluate Breach and Attack Simulation tooling and capabilities to complement manual operations.
• Mentor & grow talent: Set tradecraft standards, coaching operators on OPSEC, detections-as-deliverables, and high-impact reporting (exec-ready narratives and technical proof).
• Champion safety & compliance: Ensure appropriate scoping, approvals, deconfliction, and safety controls for all activities.

Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.

What You Bring

• Experience: 5+ years in offensive security (red team, adversary emulation, or advanced penetration testing) with 3+ years leading operations or teams in enterprise environments.
• Tradecraft: Proficiency in planning and executing multi-stage operations across Windows, Linux, macOS, identity (AAD/Entra), and major clouds (AWS/Azure/GCP).
• Advanced Evasion & OPSEC Techniques: Ability to bypass modern EDR/XDR, SIEM correlation, and behavioral analytics while maintaining stealth.
• Active Directory & Hybrid Identity Tradecraft: Domain privilege escalation, trust abuse, and persistence techniques.
• Framework fluency: Deep familiarity with MITRE ATT&CK and mapping findings to techniques/tactics for detection engineering and risk reporting.
• Scripting & engineering: Strong hands-on capability with at least two: PowerShell, Python, Go, or C#; comfort building/operating secure C2/labs.
• Detection awareness: Ability to partner with blue teams to validate EDR/SIEM detections, harden controls, and tune signal-to-noise.
• Communication: Executive-level storytelling plus clear, reproducible technical documentation.

Certifications (preferred): OSCP, OSEP, CRTO/CRTP, GIAC (e.g., GXPN, GCTI, GCPN), CISSP.

Compensation

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:

Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age

About Us | Our Culture | What It’s Like to Work Here | Perks & Benefits