Senior Offensive Security Engineer, Red Team

Job Location

CINCINNATI GENERAL OFFICES

Job Description

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G.  Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide.  Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands.

From Day 1, you’ll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded.

The Opportunity

Are you a person who is passionate about breaking applications, devices, services and/or processes to help protect them against the world’s most advanced cyber security adversaries?

The Information Security Protect organization at P&G is responsible for providing a realistic depiction of threat actor behaviors and scenarios during simulated exercises. We drive improvements to applications and systems, as well as detection and response capabilities through regular testing of security controls across the enterprise.

Responsibilities:

• Lead end-to-end red team operations aligned to priority threat actors: scenario design, ROE, pre-briefs, execution, and hot-wash/AAR.
• Support purple-team engagements with DFIR/SOC and Detection Engineering to convert TTPs into durable detections, runbooks, and response improvements with measurable outcomes.
• Orchestrate assumed-breach campaigns emphasizing evasion and control bypass (EDR/AV, email/web security, identity/conditional access, network segmentation, cloud guardrails).
• Perform campaign/TTP research, develop internal PoCs/tooling (e.g., tradecraft to exercise specific controls, lightweight payloads), and steward OPSEC.
• Produce executive-ready risk narratives and technical reporting (ATT&CK mapping, artifacts, evidence handling) and brief senior leadership.
• Mentor junior engineers; set standards for craft quality, methodology, and safety.
• Coordinate multi-party/third-party exercises; manage risk, deconflict with production, and ensure stakeholder alignment.
• Contribute to operational expansion by researching, prototyping, and developing novel capabilities for offensive use.
• Contribute to program maturity: metrics/KPIs, roadmap, methodology standardization, control validation cadence, and integration with vulnerability management.

Job Qualifications

Required:

• BA or BS degree in Information Security, Cyber Security, Computer Science, or related field (OR 7+ years of relevant experience required in lieu of a degree).
• 5+ years running offensive or emulation operations in large/complex environments, with demonstrated impact on detections/response.
• Expertise across 2+ domains: enterprise/web/mobile apps; identity; cloud (AWS/GCP/Azure); network/endpoint; IoT/OT; or directory services.
• Proven ability to bypass preventative/detective controls and reach mission objectives while maintaining safety and ROE.
• Strong engineering skills (Python, PowerShell, GO, C++, Web Frameworks); comfort with low-level concepts a plus) and familiarity with C2 tradecraft.
• Deep command of MITRE ATT&CK and threat-informed defense; history partnering with DFIR/SOC and Detection Engineering.
• Excellent executive and technical communication.
• Ability to work in Cincinnati, Ohio based office 3 days per week.

Preferred:

• Leadership of purple-team campaigns and incident-driven emulations; closed-loop improvements with measurable KPI movement.
• Building program metrics/KPIs, standardizing reporting, and integrating with risk governance.
• Threat-intel integration: actor/campaign analysis, hypothesis generation, and prioritization tied to business impact.
• Identity and cloud attack paths (SSO, MFA, OAuth, PAM; AWS/GCP/Azure control planes) with hardening collaboration across platform/IDAM teams.
• Coordinating large third-party exercises and setting complex ROE.

Pay Range: $110,000 - $165,000

Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process.

Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ’s, please click HERE.

P&G participates in e-verify as required by law.

Qualified individuals will not be disadvantaged based on being unemployed.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Job Schedule

Full time

Job Number

R000138781

Job Segmentation

Experienced Professionals

Starting Pay / Salary Range

$110,000.00 - $165,000.00 / year