Principal Adversary Operations Engineer - Red Team

Weu2019re building a world of health around every individual u2014 shaping a more connected, convenient and compassionate health experience. At CVS Healthu00ae, youu2019ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger u2013 helping to simplify health care one person, one family and one community at a time. Position Summary The Principal Threat Adversary Operations Engineer u2013 Red Team is a senior, highly technical individual contributor responsible for designing and executing advanced offensive security operations across complex enterprise, cloud, and hybrid environments. This role leads the development of custom attack techniques and novel adversary simulations, exploring fringe and emerging attack vectors beyond standard penetration testing methodologies. Penetration testing is a core function of the role, with a focus on uncovering highu2011impact, previously unidentified security weaknesses across networks, applications, identities, and systems. Operating at a principal engineering level, the role builds and executes sophisticated attack campaigns using a combination of industryu2011standard tooling and extensive custom exploit and tooling development. The Principal Engineer applies deep expertise in adversary tradecraft, scripting, and automation to emulate realu2011world threat actors at scale, aligning attack scenarios with modern and emerging Tactics, Techniques, and Procedures (TTPs). Offensive activities are informed by current threat intelligence and adversary modeling to ensure realistic, intelligenceu2011driven simulations that meaningfully stress defensive controls. The role serves as a critical purple team partner and trusted advisor to detection, response, and incident investigation teams, translating complex offensive findings into measurable improvements in defensive capability, telemetry, and operational readiness. Through clear articulation of technical risk and business impact, the Principal Engineer influences enterprise security strategy, informs longu2011term defensive investments, and supports highu2011severity investigations and postu2011incident analysis. All offensive activities are executed with strong governance awareness, ensuring alignment with regulatory, audit, and compliance expectations while advancing the organizationu2019s adversaryu2011informed security posture. Role Responsibilities: Penetration Testing & Adversary Operations + Lead and execute advanced internal and external penetration tests across enterprise, cloud, and emerging technology environments. + Design and execute custom adversary emulation campaigns to pressureu2011test detection, response, and control effectiveness. + Own and evolve the offensive security toolset, including development of custom exploits, scripts, and attack frameworks. + Produce executiveu2011ready assessments that clearly articulate technical risk, business impact, and remediation priorities. Purple Team & Defensive Enablement + Partner closely with detection, response, and security engineering teams to drive purple team exercises and adversaryu2011informed improvements at scale. + Translate offensive findings into measurable enhancements in monitoring, telemetry, alerting, and response workflows. + Lead technical deep dives and knowledgeu2011sharing sessions to elevate enterprise understanding of adversary behavior and attack paths. Security Strategy, Automation & Incident Support + Influence enterprise adversary operations and threat management strategy through risku2011based assessments and adversary trend analysis. + Architect and implement automation to scale penetration testing and adversary simulation capabilities. + Provide expert adversary insight during incident response and threat hunting, informing hypotheses, detections, and postu2011incident improvements. Required Qualifications + 10+ years of handsu2011on experience in penetration testing, red teaming, adversary emulation, and/or offensive security. + 7+ years of deep experience with tools such as Kali Linux, Metasploit, Nmap, Burp Suite, and comparable frameworks. + 5+ years of advanced scripting experience (Python, PowerShell, Bash, or similar languages). + 5+ years of experience securing and testing cloud platforms (AWS, Azure, GCP) and containerized environments. Preferred Qualifications + Advanced certifications such as OSCP, OSCE, CISSP, CEH, or GPEN. + Demonstrated leadership in purple team programs and adversary simulation initiatives. + Strong familiarity with PCIu2011DSS, HIPAA, ISO 27001, and enterprise compliance environments. + Expert knowledge of MITRE ATT&CK, NIST, and CIS security frameworks. + Exceptional communication skills with the ability to influence technical and nonu2011technical senior stakeholders. Education + Bacheloru2019s degree or equivalent experience (High School Diploma and 4 years relevant experience) Pay Range The typical pay range for this role is: $144,200.00 - $288,400.00 This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the companyu2019s equity award program. Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong. Great benefits for great people We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families. This fullu2011time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial wellu2011being of colleagues and their families. The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility. Additional details about available benefits are provided during the application process and on Benefits Moments (. We anticipate the application window for this opening will close on: 05/11/2026 Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.CVS Health is an equal opportunity/affirmative action employer, including Disability/Protected Veteran u2014 committed to diversity in the workplace.

Created: 2026-04-29