Senior Offensive Security Engineer, Red Team

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G.  Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide.  Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands.From Day 1, you’ll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded.The OpportunityAre you a person who is passionate about breaking applications, devices, services and/or processes to help protect them against the world’s most advanced cyber security adversaries?The Information Security Protect organization at P&G is responsible for providing a realistic depiction of threat actor behaviors and scenarios during simulated exercises. We drive improvements to applications and systems, as well as detection and response capabilities through regular testing of security controls across the enterprise.Responsibilities:Lead end-to-end red team operations aligned to priority threat actors: scenario design, ROE, pre-briefs, execution, and hot-wash/AAR.Support purple-team engagements with DFIR/SOC and Detection Engineering to convert TTPs into durable detections, runbooks, and response improvements with measurable outcomes.Orchestrate assumed-breach campaigns emphasizing evasion and control bypass (EDR/AV, email/web security, identity/conditional access, network segmentation, cloud guardrails).Perform campaign/TTP research, develop internal PoCs/tooling (e.g., tradecraft to exercise specific controls, lightweight payloads), and steward OPSEC.Produce executive-ready risk narratives and technical reporting (ATT&CK mapping, artifacts, evidence handling) and brief senior leadership.Mentor junior engineers; set standards for craft quality, methodology, and safety.Coordinate multi-party/third-party exercises; manage risk, deconflict with production, and ensure stakeholder alignment.Contribute to operational expansion by researching, prototyping, and developing novel capabilities for offensive use.Contribute to program maturity: metrics/KPIs, roadmap, methodology standardization, control validation cadence, and integration with vulnerability management.

Created: 2025-12-02